VDB
CVE-2025-40776
CVE-2025-40776
PUBLISHED
CVSS 9.300000190734863 CRITICAL
BIND (Berkeley Internet Name Domain) ist ein Open-Source-Softwarepaket, das einen Domain-Name-System-Server implementiert.
EPSS 0.05% · 15.2th percentile
Risk Scores
CVSS v4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.05%
15.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Internet Systems Consortium | Internet Systems Consortium BIND <9.20.11-S1 | |
| Internet Systems Consortium | Internet Systems Consortium BIND <9.18.38-S1 | |
| SUSE | SUSE Linux |
Timeline
- Jul 16, 2025 Coalition ESS Score
- Jul 16, 2025 Coalition ESS Score
- Jul 16, 2025 PoC Published
- Jul 16, 2025 CVE Published
- Jul 16, 2025 PoC Published
- Jul 16, 2025 PoC Published
- Jul 17, 2025 EPSS Score
- Jul 17, 2025 Coalition ESS Score
- Jul 20, 2025 PoC Published
- Jul 21, 2025 PoC Published
- Jul 22, 2025 PoC Published
- Jul 22, 2025 CVE Updated
References
- https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1585.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1585 advisory
- https://kb.isc.org/docs/cve-2025-40776 advisory
- https://github.com/advisories/GHSA-2hm8-9847-q7gc advisory
- https://kb.isc.org/docs/cve-2025-40777 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2381418 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2025-July/021837.html advisory