VDB
NCSC-2025-341
NCSC-2025-341
PUBLISHED
CVSS 8.600000381469727 HIGH
A vulnerability in specific versions of BIND 9's DNS resolver allows cache injection of forged DNS records, posing a risk of redirecting clients to malicious domains, classified as Important due to limited impact.
Risk Scores
CVSS 3.1
8.600000381469727
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ISC | vers:unknown/* |
Timeline
- Oct 24, 2025 CVE Published
- Oct 27, 2025 CVE Updated
- Mar 20, 2026 Security Advisory
- Mar 20, 2026 Security Advisory
- Mar 20, 2026 Security Advisory
- Mar 20, 2026 Security Advisory
References
- https://advisories.ncsc.nl/csaf/v2/2025/ncsc-2025-0341.json advisory
- https://kb.isc.org/docs/cve-2025-40778 advisory
- https://kb.isc.org/docs/cve-2025-40780 advisory
- https://kb.isc.org/docs/cve-2025-8677 advisory
- https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40778.json advisory
- https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40780.json advisory
- https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-8677.json advisory