7.5
CVE-2026-1519
- EPSS 0.03%
- Published 25.03.2026 13:25:19
- Last modified 13.04.2026 10:16:11
- Source security-officer@isc.org
Excessive NSEC3 iterations cause high CPU load during insecure delegation validation
If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries (see: https://kb.isc.org/docs/why-does-my-authoritative-server-make-recursive-queries). This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.46, 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.46-S1, and 9.20.9-S1 through 9.20.20-S1.
Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).
Vendor: ISC
Product: BIND 9
Default status: unaffected
| Version | Version <= | Status |
|---|---|---|
| 9.11.0 | 9.16.50 | affected |
| 9.18.0 | 9.18.46 | affected |
| 9.20.0 | 9.20.20 | affected |
| 9.21.0 | 9.21.19 | affected |
| 9.11.3-S1 | 9.16.50-S1 | affected |
| 9.18.11-S1 | 9.18.46-S1 | affected |
| 9.20.9-S1 | 9.20.20-S1 | affected |
VulnDex Vulnerability Enrichment
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.093 |
| Source | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| security-officer@isc.org | 7.5 | 3.9 | 3.6 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
CWE-606 Unchecked Input for Loop Condition
The product does not properly check inputs that are used for loop conditions, potentially leading to a denial of service or other consequences because of excessive looping.