Critical DNS Vulnerabilities in ISC BIND 9 Require Immediate Patching

Critical DNS Vulnerabilities in ISC BIND 9 Require Immediate Patching

First seen 3 Apr 2026, 05:15 UTC Ccb.Belgium.BeLinuxsecurity 75% similarity 74.0

Article Content

Browse articles
ThreatCluster

The Internet Systems Consortium (ISC) has released critical patches for multiple vulnerabilities in ISC BIND 9, a widely used DNS server software. Two high-severity vulnerabilities, CVE-2026-1519 and CVE-2026-3104, allow remote attackers to cause denial of service by sending crafted DNS queries without authentication. CVE-2026-1519 can lead to CPU exhaustion through excessive NSEC3 iterations, while CVE-2026-3104 causes memory leaks that can result in out-of-memory conditions. Both vulnerabilities affect BIND versions 9.20.0 to 9.21.19. ISC has not reported any active exploitation in the wild, and patches were available at the time of disclosure. Organizations are urged to prioritize updates and enhance monitoring for abnormal activity. The Centre for Cybersecurity Belgium has issued a warning, emphasizing the urgency of patching vulnerable systems.

Key Points: • ISC BIND 9 has critical vulnerabilities CVE-2026-1519 and CVE-2026-3104 requiring immediate patching. • Both vulnerabilities can be exploited remotely without authentication, leading to denial of service. • Organizations should enhance monitoring for suspicious activity related to these vulnerabilities.

ThreatCluster AI

Timeline

2026-03-25
CVE-2026-1519 and CVE-2026-3104 published
2026-03-25
CVE-2026-3119 published
2026-03-25
CVE-2026-3591 published
2026-04-01
Warning issued by CCB regarding ISC BIND 9 vulnerabilities
2026-04-03
Linuxsecurity article published detailing the DNS vulnerabilities

Community

Browse all →