CVE-2025-40778 - Vulnerability Details

Threat entity extracted from intelligence sources

Frequency
4
occurrences
First Seen
November 2, 2025
Last Seen
November 25, 2025

CVE-2025-40778 is a vulnerability tracked across 4 threat clusters and 4 intelligence report mentions on ThreatCluster. First observed November 2, 2025; most recent activity November 25, 2025.

Related Threat Clusters

  • SUSE and openSUSE Address Moderate grub2 Vulnerabilities

    SUSE and openSUSE have released updates for grub2 to address multiple vulnerabilities, including use-after-free and out-of-bounds write issues. The updates fix specific CVEs, including CVE-2025-54771 and CVE-2025-61661,…

    46 articles · Updated November 20, 2025
  • Critical BIND 9 DNS Vulnerability Exploited with Public Code Release

    A public exploit for CVE-2025-40778, a critical vulnerability in BIND 9, has been released, enabling DNS cache poisoning and traffic redirection. This flaw affects the widely used Domain Name System software, posing…

    1 article · Updated November 2, 2025
  • Fedora 43 and 42 Address Critical DNSSEC Vulnerability in BIND

    Fedora has released security updates for BIND, addressing a critical DNSSEC validation issue. The vulnerability, identified as CVE-2025-8677, allows DNSSEC validation to fail if a matching but invalid DNSKEY is found,…

    2 articles · Updated November 16, 2025
  • Fedora 43 and 42 Address Critical DNSSEC Vulnerability in BIND

    Fedora has released security updates for BIND (Berkeley Internet Name Domain) version 9.21.14 to address a critical vulnerability (CVE-2025-8677) affecting DNSSEC validation. This vulnerability allows DNSSEC validation…

    2 articles · Updated November 16, 2025

Recent Intelligence Reports

  • UBUNTU: Critical Spoofing Vulnerability Mitigation 2025:3333 — Linuxsecurity · November 25, 2025
  • Fedora 43: bind9-next Security Update CVE-2025 — Linuxsecurity · November 16, 2025
  • Fedora 42: bind9-next Critical DNSSEC Issues Fix 2025 — Linuxsecurity · November 16, 2025
  • Cybersecurity News Weekly Newsletter – EY Data Leak, Bind 9, Chrome Vulnerability, and ... — Cybersecuritynews · November 2, 2025

CVSS v3.1 Breakdown