Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons

Social Media

Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons
Search the Site
Popular Searches:
technology Amazon AI
Recent Posts
India Halts WhatsApp Usernames Rollout Due to Fraud Concerns
July 1, 2026
Critical Cursor IDE RCE Vulnerabilities Allow Zero-Click Prompt Injection
July 1, 2026
Automated Password Spray Attacks Target Microsoft Azure CLI
July 1, 2026
Home/CyberSecurity News/BIND 9 Vulnerability Allow Attackers to Crash Server by Sending Malicious Records
CyberSecurity News

BIND 9 Vulnerability Allow Attackers to Crash Server by Sending Malicious Records

A high-severity vulnerability has been disclosed in BIND 9, the widely used DNS server software that resolves domain names for millions of internet services. The vulnerability, tracked as...

Emy Elsamnoudy
Emy Elsamnoudy
January 22, 2026 2 Min Read
34 0

A high-severity vulnerability has been disclosed in BIND 9, the widely used DNS server software that resolves domain names for millions of internet services.

The vulnerability, tracked as CVE-2025-13878, enables remote attackers to crash DNS servers by sending specially crafted, malformed DNS records, potentially disrupting critical internet infrastructure and organizational services.

The vulnerability stems from improper handling of malformed BRID (Breadth-first Record ID) and HHIT (Host Hash Information Table) records within BIND 9’s named daemon.

Field Value
CVE Identifier CVE-2025-13878
Title Malformed BRID/HHIT records can cause named to terminate unexpectedly
Affected Software BIND 9 (DNS Server)
Vulnerability Type Denial of Service (DoS)
Attack Vector Network (Remote)
CVSS v3.1 Score 7.5
CVSS Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

When a DNS server receives a request containing corrupted or malicious records of these types, the daemon terminates unexpectedly, causing a complete service outage.

This denial-of-service (DoS) condition affects both authoritative nameservers and DNS resolvers, expanding the attack surface across diverse network architectures.

The vulnerability carries a CVSS v3.1 severity score of 7.5 (High), with an attack vector rated as Network-based, requiring no special privileges or user interaction.

This accessibility makes the flaw particularly concerning for publicly accessible DNS infrastructure.

BIND Version Branch Vulnerable Versions Patched Version
BIND 9 (Standard) 9.18.40 – 9.18.43 9.18.44
BIND 9 (Standard) 9.20.13 – 9.20.17 9.20.18
BIND 9 (Standard) 9.21.12 – 9.21.16 9.21.17
BIND SPE (Preview) 9.18.40-S1 – 9.18.43-S1 9.18.44-S1
BIND SPE (Preview) 9.20.13-S1 – 9.20.17-S1 9.20.18-S1

ISC disclosed this vulnerability publicly on January 21, 2026, following an early notification issued on January 14, 2026. The advisory recommends upgrading to the latest patched versions.

Notably, no active exploits are currently documented in the wild, providing organizations a critical window for proactive remediation before potential exploitation campaigns emerge.

Currently, no workarounds exist, making patching the only viable mitigation strategy. Organizations running BIND 9 should prioritize updating to the latest patched versions in their respective branches.

ISC acknowledges the security researcher for responsibly disclosing this vulnerability, demonstrating the continued importance of coordinated vulnerability reporting.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.

Tags:

AttackCVEExploitPatchSecurityVulnerability

Share Article

Emy Elsamnoudy

Emy Elsamnoudy

Emy is a cybersecurity analyst and reporter specializing in threat hunting, defense strategies, and industry trends. With expertise in proactive security measures, Emily covers the tools and techniques organizations use to detect and prevent cyber attacks. She is a regular speaker at security conferences and has contributed to industry reports on threat intelligence and security operations. Emily's reporting focuses on helping organizations improve their security posture through practical, actionable insights.

Previous Post

New Multi-Stage Windows Malware Disables Microsoft Defender Before Dropping Malicious Payloads

Next Post

Critical Vulnerability in Binary-Parser Library for Node.js Allows Malicious Code injection

No Comment! Be the first one.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Popular Posts
Critical Fluentd Vulnerabilities Allow Remote Code Execution
July 1, 2026
Weaponized Google Ads Install Malicious Claude Code to Hijack macOS
July 1, 2026
Critical Adobe ColdFusion Vulnerabilities Let Attackers Run Code
July 1, 2026
Top Authors
Marcus Rodriguez
Marcus Rodriguez
Jennifer sherman
Jennifer sherman
Emy Elsamnoudy
Emy Elsamnoudy
Let's Connect
156k
2.25m
285k

Related Posts

Jennifer sherman
By Jennifer sherman
Threats

GlassWorm Attacks macOS via Malicious VS Code…

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Attacks

ClickFix Attack Hides Malicious Code via Stegan Security

January 1, 2026
Sarah simpson
By Sarah simpson
Vulnerabilities

MongoBleed Detector Tool Released to Detect MongoDB Vulnerability(CVE-2025-14847)

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Breaches

Conti Ransomware Gang Leaders & Infrastructure Exposed

January 1, 2026
Hackers News Hackers News
  • [email protected]

Quick Links

  • Contact Us
  • Privacy Policy
  • Terms of service

Categories

Attacks
Breaches
Comparisons
CyberSecurity News
Threats
Vulnerabilities

Let's keep in touch

receive fresh updates and breaking cyber news every day and week!

All Rights Reserved by HackersRadar ©2026

Follow Us