VDB
GCVE-110-ISC-2026-3039
GCVE-110-ISC-2026-3039
Advisory Published
CVE: CVE-2026-3039
Title: BIND 9 server memory exhaustion during GSS-API TKEY negotiation
Document version: 2.0
Posting date: 20 May 2026
Program impacted: BIND 9
Versions affected:
BIND
9.0.0 -> 9.16.50
9.18.0 -> 9.18.48
9.20.0 -> 9.20.22
9.21.0 -> 9.21.21
BIND Supported Preview Edition
9.9.3-S1 -> 9.16.50-S1
9.18.11-S1 -> 9.18.48-S1
9.20.9-S1 -> 9.20.22-S1
(Versions prior to 9.11.37 were not assessed.)
Although we have not tested them individually, we believe that all EoL versions of BIND ...
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| ISC | BIND | — | — |
References
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.