CVE-2026-3593
EUVD-2026-3110820.05.2026, 13:16
A use-after-free vulnerability exists within the DNS-over-HTTPS implementation. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1. BIND 9 versions 9.18.0 through 9.18.48 and 9.18.11-S1 through 9.18.48-S1 are NOT affected.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| isc | bind | 9.20.0 ≤ 𝑥 < 9.20.23 |
| isc | bind | 9.21.0 ≤ 𝑥 < 9.21.22 |
𝑥
= Vulnerable software versions
Debian Releases
openSUSE / SLES Releases
openSUSE Product | |||||||
|---|---|---|---|---|---|---|---|
| bind |
| ||||||
| bind-doc |
| ||||||
| bind-utils |
|
Common Weakness Enumeration
References