CVE-2026-5950 · EXPLOITED · PATCHED
CVSS score: 5.3
isc · bind

Unbounded resend loop in BIND 9 resolver

Description

An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific retry conditions. This issue affects BIND 9 versions 9.18.36 through 9.18.48, 9.20.8 through 9.20.22, 9.21.7 through 9.21.21, 9.18.36-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.

Affected Products

Vendor | Product | Versions
isc | bind | 9.18.36, 9.20.8, 9.21.7, 9.18.36-S1, 9.20.9-S1

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor | Product | Source | Confidence
internet systems consortium | bind | cert_advisory | 90%

References

  • https://kb.isc.org/docs/cve-2026-5950 (vendor-advisory)
  • https://downloads.isc.org/isc/bind9/9.18.49 (patch)
  • https://downloads.isc.org/isc/bind9/9.20.23 (patch)
  • https://downloads.isc.org/isc/bind9/9.21.22 (patch)

Related News (5 articles)

Tier A · Microsoft MSRC · 3d ago
CVE-2026-5950 Unbounded resend loop in BIND 9 resolver
→ No new info (linked only)

Tier B · BSI Advisories · 5d ago
[NEW] [medium] Internet Systems Consortium BIND: Multiple vulnerabilities
→ No new info (linked only)

Tier B · CERT-FR · 5d ago
Multiple vulnerabilities in ISC BIND (21 May 2026)
→ No new info (linked only)

Tier C · oss-security · 6d ago
ISC has disclosed six vulnerabilities in BIND 9 (CVE-2026-3039, CVE-2026-3592, CVE-2026-3593, CVE-2026-5946, CVE-2026-5947, CVE-2026-5950)
→ No new info (linked only)

Tier C · VulDB · 6d ago
CVE-2026-5950 | ISC BIND up to 9.21.21 Resolver State Machine unchecked input for loop condition
→ No new info (linked only)

CVSS 3.1: 5.3 MEDIUM
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CISA KEV: ❌ No
Actively exploited: ✅ Yes
Patch available:
  • https://kb.isc.org/docs/cve-2026-5950
  • https://downloads.isc.org/isc/bind9/9.18.49
  • https://downloads.isc.org/isc/bind9/9.20.23
CWE: CWE-606
Published: May 20, 2026
Last enriched: 5d ago (v3)
Tags: CVE-2026-5946, CVE-2026-5947
Trending Score: 45
Source articles: 5
Independent: 5
Info Completeness: 10/14
Missing: epss, kev, iocs, mitre_attack

Related CVEs (5)

HIGH · CVE-2026-1519
Excessive NSEC3 iterations cause high CPU load during insecure delegation validation
Trending: 53

HIGH · CVE-2026-5946 · EXP
Invalid handling of CLASS != IN
Trending: 50

HIGH · CVE-2026-5947 · EXP
SIG(0) validation during query flood may lead to undefined behavior
Trending: 47

MEDIUM · CVE-2026-3592 · EXP
Amplification vulnerabilities via self-pointed glue records
Trending: 45

HIGH · CVE-2026-3039 · EXP
BIND 9 server memory exhaustion during GSS-API TKEY negotiation
Trending: 45

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

May 20, 2026: CVE Published
May 20, 2026: Discovered by ZDM
May 20, 2026: Updated: affectedVersions
May 20, 2026: Actively Exploited
May 20, 2026: Exploit Available
May 20, 2026: Patch Available
May 21, 2026: Updated: exploitAvailable, activelyExploited, tags

Version History

Current version: v3 (last enriched 5d ago)

v3 · Tier B · 5d ago
Updated exploit availability to true, marked as actively exploited, and added new CVE tags.
Fields: exploitAvailable, activelyExploited, tags
via CERT-FR

v2 · Tier C · 6d ago
Updated affected versions to include 9.18.48, 9.18.48-S1, 9.20.22, and 9.20.22-S1, and noted that no exploit is available.
Fields: affectedVersions
via VulDB

v1 · 6d ago
Initial creation