
The Internet Systems Consortium (ISC) has released new updates for its widely used BIND 9 DNS software, addressing four vulnerabilities, including two classified as high severity. These flaws could allow attackers to disrupt DNS services by exploiting weaknesses in how the software handles certain queries.
One of the most critical vulnerabilities (CVE-2026-3104) involves a memory leak issue triggered by specially crafted domain queries. If exploited, it can cause continuous memory consumption in BIND resolvers, eventually leading to out-of-memory conditions and potential system crashes.
Another high-severity flaw (CVE-2026-1519) can cause excessive CPU usage when processing malicious DNSSEC data. This can significantly reduce the resolver’s ability to handle legitimate queries, effectively creating a denial-of-service (DoS) scenario.
In addition to these, two medium-severity vulnerabilities were also patched. One (CVE-2026-3119) could cause unexpected termination of the DNS service when handling specific query types, while another (CVE-2026-3591) may allow access control list (ACL) bypass through specially crafted requests.
The vulnerabilities primarily impact BIND resolvers rather than authoritative servers, but their exploitation could still disrupt critical internet services that rely on DNS resolution. Experts warn that such issues are particularly concerning due to BIND’s widespread use across enterprises, ISPs, and cloud infrastructure.
Patches have been released in updated versions including BIND 9.18.47, 9.20.21, and 9.21.20. While there is currently no evidence of active exploitation, organizations are strongly advised to update immediately to prevent potential service disruptions.
The update highlights ongoing risks in core internet infrastructure, emphasizing the need for timely patching and proactive monitoring to safeguard against increasingly sophisticated network-based attacks.
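A version check against the fixed releases listed above, as an added example that is not ISC's or the article's own code. The banner strings are constructed samples in the shape `named -v` prints, and the function and status names are hypothetical.

```python
import re

# Fixed releases named in the article, keyed by release branch (major, minor).
FIXED = {(9, 18): 47, (9, 20): 21, (9, 21): 20}

# First dotted triple in the string; distro suffixes such as "-0ubuntu0..." follow it.
_VERSION = re.compile(r"\b(\d+)\.(\d+)\.(\d+)")


def classify(banner):
    """Return (version, status) for a `named -v` banner or a bare version string."""
    match = _VERSION.search(banner)
    if not match:
        return None, "unparsed"
    major, minor, patch = map(int, match.groups())
    version = f"{major}.{minor}.{patch}"
    fixed_patch = FIXED.get((major, minor))
    if fixed_patch is None:
        # The article names no fixed release for this branch, so make no claim.
        return version, "branch-not-listed"
    if patch >= fixed_patch:
        return version, "at-or-above-fixed"
    # Distribution packages may backport fixes without changing the upstream
    # number, so confirm against the vendor advisory before concluding.
    return version, "below-fixed"


# Constructed sample banners (not captured from real hosts).
SAMPLES = [
    "BIND 9.18.47 (Extended Support Version) <id:0000000>",
    "BIND 9.18.28-0ubuntu0.22.04.1-Ubuntu (Extended Support Version) <id:0000000>",
    "BIND 9.20.21 (Stable Release) <id:0000000>",
    "BIND 9.21.19 (Development Release) <id:0000000>",
    "BIND 9.16.50 (Extended Support Version) <id:0000000>",
    "named: command not found",
]

if __name__ == "__main__":
    for line in SAMPLES:
        version, status = classify(line)
        print(f"{status:20} {version or '-':10} {line}")
```

Feed it the output of `named -v` collected from each resolver; hosts reported as `below-fixed` or `branch-not-listed` are the ones to review first.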




