CVE-2026-5950

CVE-2026-5950

Name

CVE-2026-5950

Description

An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific retry conditions. This issue affects BIND 9 versions 9.18.36 through 9.18.48, 9.20.8 through 9.20.22, 9.21.7 through 9.21.21, 9.18.36-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
security-officer@isc.org	https://downloads.isc.org/isc/bind9/9.18.49
security-officer@isc.org	https://downloads.isc.org/isc/bind9/9.20.23
security-officer@isc.org	https://downloads.isc.org/isc/bind9/9.21.22
security-officer@isc.org	https://kb.isc.org/docs/cve-2026-5950

Type

URI

security-officer@isc.org

https://downloads.isc.org/isc/bind9/9.18.49

security-officer@isc.org

https://downloads.isc.org/isc/bind9/9.20.23

security-officer@isc.org

https://downloads.isc.org/isc/bind9/9.21.22

security-officer@isc.org

https://kb.isc.org/docs/cve-2026-5950

Match rules

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:isc:bind:::::-:::*`	bind	>= 9.18.36	< 9.18.49
`cpe:2.3:a:isc:bind:::::-:::*`	bind	>= 9.20.8	< 9.20.23
`cpe:2.3:a:isc:bind:::::-:::*`	bind	>= 9.21.7	< 9.21.21

CPE URI

Source package

Min version

Max version

cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*

bind

>= 9.18.36

< 9.18.49

cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*

bind

>= 9.20.8

< 9.20.23

cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*

bind

>= 9.21.7

< 9.21.21

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
bind	edge-main	9.20.23-r0	Mike Crute <mike@crute.us>	fixed
bind	edge-main	9.20.22-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	edge-main	9.20.21-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	edge-main	9.20.20-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	edge-main	9.20.19-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	edge-main	9.20.18-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	edge-main	9.20.17-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	edge-main	9.20.16-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	edge-main	9.20.15-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	edge-main	9.20.13-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	edge-main	9.20.12-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	edge-main	9.20.11-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	edge-main	9.20.10-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	edge-main	9.20.9-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	edge-main	9.20.8-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.23-main	9.20.23-r0	Mike Crute <mike@crute.us>	fixed
bind	3.23-main	9.20.22-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.23-main	9.20.21-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.23-main	9.20.20-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.23-main	9.20.19-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.23-main	9.20.18-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.23-main	9.20.17-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.22-main	9.20.23-r0	Mike Crute <mike@crute.us>	fixed
bind	3.22-main	9.20.22-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.22-main	9.20.21-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.22-main	9.20.18-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.22-main	9.20.17-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.22-main	9.20.16-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.22-main	9.20.15-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.22-main	9.20.13-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.22-main	9.20.12-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.22-main	9.20.11-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.22-main	9.20.10-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.22-main	9.20.9-r0	None	possibly vulnerable
bind	3.21-main	9.18.49-r0	Mike Crute <mike@crute.us>	fixed
bind	3.21-main	9.18.47-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.21-main	9.18.44-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.21-main	9.18.41-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.21-main	9.18.39-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.21-main	9.18.37-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.21-main	9.18.36-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.20-main	9.18.49-r0	Mike Crute <mike@crute.us>	fixed
bind	3.20-main	9.18.47-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.20-main	9.18.44-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.20-main	9.18.41-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.20-main	9.18.39-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.20-main	9.18.37-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.20-main	9.18.36-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.19-main	9.18.44-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.19-main	9.18.41-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.19-main	9.18.39-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.19-main	9.18.37-r0	Mike Crute <mike@crute.us>	possibly vulnerable
bind	3.19-main	9.18.36-r0	Mike Crute <mike@crute.us>	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

References

Match rules

Vulnerable and fixed packages