Skip to content

RadicalNotion.AI

We do not sell or share your personal information

© 2026 RadicalNotion.AI

Security Data

CWE Directory
CAPEC Directory
CNA Directory
CNA Report Cards
Data Sources

Calculators

CVSS Calculator
CVSS 4.0
CVSS 3.1
CVSS 3.0
CVSS 2.0

Platform

My Vulnerabilities
Insights
Notifications
Account
Pricing

Learn

All guides
What is a CVE?
What is CVSS?
The CISA KEV catalog
What is EPSS?

Company

About us
Blog
Book a demo

Get Started

Sign up
Log in

Legal

Privacy
Terms

Security data

Weaknesses (CWE)The MITRE CWE weakness catalog
Attack Patterns (CAPEC)MITRE CAPEC attack patterns
CNAsNumbering authorities + report cards
VendorsVulnerabilities by vendor

Tools

CVSS CalculatorScore CVSS 4.0, 3.1, 3.0 & 2.0

Resources

LearnPlain-English security guides
Data SourcesHow we source CVE data

About Us Blog Pricing Book a Demo

Log in

Home
Vendors
Isc
Bind9

ISC BIND9 Vulnerabilities: CVEs, CISA KEV & Security Advisories

23 CVEs

ISC BIND9 Vulnerabilities

CVE security advisories and vulnerability history for BIND9 by ISC.

23

Total CVEs

Published

0

In CISA KEV

Exploited in the wild

1

Public exploits

With known exploit

6.9

Avg CVSS

2019–2022

Last updated September 21, 2022

Overview

ISC BIND9 has 23 published CVE records since 2019, of which 0 are in CISA's Known Exploited Vulnerabilities catalog and 1 have a known public exploit. The average CVSS base score across scored CVEs is 6.9.

This page aggregates every publicly disclosed vulnerability (CVE) affecting ISC BIND9, with a severity breakdown, the affected and patched versions, the most common weakness types, and the full CVE list.

Severity and exploitation

How the CVSS severity of ISC BIND9's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical0

High15

Medium8

Low0

In CISA’s Known Exploited Vulnerabilities catalog

0

None of ISC BIND9's CVEs are currently listed in CISA's KEV catalog.

Public exploits

1

One of ISC BIND9's CVEs has a known public exploit available.

Affected versions and CVEs

Browse every ISC BIND9 version named in a CVE, then pick one to see only the CVEs that affect it.

Specific versions

9.11.14 through versions before 9.11.201 CVE
9.14.9 through versions 9.14.121 CVE
9.16.0 through versions before 9.16.41 CVE
Development Branch 9.17.161 CVE
Development Branch 9.19 9.19.01 CVE
Stable Branch 9.16.191 CVE
Supported Preview Edition 9.16.19-S11 CVE

Fixed in

9.16.65 CVEs
9.17.45 CVEs
9.11.223 CVEs
9.11.22-S13 CVEs
unspecified3 CVEs
Supported Preview*2 CVEs
> 9.10.81 CVE
> 9.9.131 CVE
> 9.9.13-S11 CVE

Find a version

23 CVEs

Sort

High vulnerability · 2022-09-21
CVE-2022-3080
Patch
Workaround
CWE-613
High · CVSS 7.5
EPSS 0.1% (33th pct)2022-09-21
High vulnerability · 2022-09-21
CVE-2022-38178
Patch
Workaround
CWE-401
High · CVSS 7.5
EPSS 1.4% (81th pct)2022-09-21
Memory leak in ECDSA DNSSEC verification code
CVE-2022-38177
Patch
Workaround
CWE-401
High · CVSS 7.5
EPSS 1.2% (79th pct)2022-09-21
High vulnerability · 2022-09-21
CVE-2022-2906
Patch
CWE-401
High · CVSS 7.5
EPSS 0.9% (75th pct)2022-09-21
Medium vulnerability · 2022-09-21
CVE-2022-2881
Patch
Workaround
CWE-125
Medium · CVSS 5.5
EPSS 0.7% (72th pct)2022-09-21
Medium vulnerability · 2022-09-21
CVE-2022-2795
Patch
Medium · CVSS 5.3
EPSS 0.5% (66th pct)2022-09-21
High vulnerability · 2022-05-19
CVE-2022-1183
Patch
High · CVSS 7.5
EPSS 0.4% (61th pct)2022-05-19
Medium vulnerability · 2021-10-27
CVE-2021-25219
Patch
Workaround
Medium · CVSS 5.3
EPSS 1.0% (78th pct)2021-10-27
High vulnerability · 2021-08-18
CVE-2021-25218
Patch
Workaround
High · CVSS 7.5
EPSS 0.6% (69th pct)2021-08-18
High vulnerability · 2021-04-29
CVE-2021-25216
Patch
Workaround
High · CVSS 8.1
EPSS 27.7% (97th pct)2021-04-29
High vulnerability · 2021-04-29
CVE-2021-25215
Patch
High · CVSS 7.5
EPSS 1.5% (81th pct)2021-04-29
Medium vulnerability · 2021-04-29
CVE-2021-25214
Patch
Workaround
Medium · CVSS 6.5
EPSS 0.8% (74th pct)2021-04-29
High vulnerability · 2021-02-17
CVE-2020-8625
Patch
Workaround
High · CVSS 8.1
EPSS 25.1% (96th pct)2021-02-17
update-policy rules of type "subdomain" are enforced incorrectly
CVE-2020-8624
Patch
Medium · CVSS 4.3
EPSS 1.6% (82th pct)2020-08-21
A flaw in native PKCS#11 code can lead to a remotely triggerable assertion failure in pk11.c
CVE-2020-8623
Patch
High · CVSS 7.5
EPSS 18.3% (95th pct)2020-08-21
A truncated TSIG response can lead to an assertion failure
CVE-2020-8622
Patch
Medium · CVSS 6.5
EPSS 2.6% (86th pct)2020-08-21
Attempting QNAME minimization after forwarding can lead to an assertion failure in resolver.c
CVE-2020-8621
Patch
High · CVSS 7.5
EPSS 4.9% (90th pct)2020-08-21
High vulnerability · 2020-08-21
CVE-2020-8620
Patch
High · CVSS 7.5
EPSS 8.4% (92th pct)2020-08-21
Medium vulnerability · 2020-06-17
CVE-2020-8619
Patch
Workaround
Medium · CVSS 4.9
EPSS 6.9% (92th pct)2020-06-17
Medium vulnerability · 2020-06-17
CVE-2020-8618
Patch
Workaround
Medium · CVSS 4.9
EPSS 1.3% (80th pct)2020-06-17
A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c
CVE-2020-8617
Public exploit
Patch
Workaround
High · CVSS 7.5
EPSS 92.6% (100th pct)2020-05-19
High vulnerability · 2020-05-19
CVE-2020-8616
Patch
Workaround
High · CVSS 8.6
EPSS 15.3% (95th pct)2020-05-19
High vulnerability · 2019-11-26
CVE-2019-6477
Patch
Workaround
High · CVSS 7.5
EPSS 5.7% (91th pct)2019-11-26

Common weakness types

The CWE weakness categories most often found in ISC BIND9 CVEs. Follow any weakness for its full explanation.

CWE-401Missing Release of Memory after Effective Lifetime3 CVEs
CWE-125Out-of-bounds Read1 CVE
CWE-613Insufficient Session Expiration1 CVE

Disclosure activity by year

How many ISC BIND9 CVEs were published each year.

2019

1

2020

9

2021

6

2022

7

Other ISC products

Browse vulnerabilities for other products by ISC.

bind188 CVEs BIND 960 CVEs dhcp25 CVEs inn14 CVEs Kea11 CVEs dhcpd8 CVEs ISC DHCP6 CVEs BIND 9 Supported Preview Edition2 CVEs

All ISC vulnerabilities

Frequently asked questions

Common questions about ISC BIND9 vulnerabilities.

How many CVEs does ISC BIND9 have?

ISC BIND9 has 23 published CVE records since 2019.

How many ISC BIND9 CVEs are in CISA KEV?

None of ISC BIND9's CVEs are currently listed in CISA's Known Exploited Vulnerabilities catalog.

Are there public exploits for ISC BIND9 vulnerabilities?

Yes — 1 of ISC BIND9's CVEs have a known public exploit.

Which versions of ISC BIND9 are affected?

16 distinct ISC BIND9 versions are named across its CVEs. Use the version filter above to see the CVEs affecting a specific version.

What are the most common weakness types in ISC BIND9 CVEs?

ISC BIND9's CVEs most often map to these CWE weakness types: CWE-401 (Missing Release of Memory after Effective Lifetime), CWE-125 (Out-of-bounds Read), CWE-613 (Insufficient Session Expiration).

What is the average severity of ISC BIND9 CVEs?

The average CVSS base score across ISC BIND9's scored CVEs is 6.9.

References

All ISC vulnerabilities
The MITRE CVE Program (opens in a new tab)
Learn: What is a CVE?
CWE directory: the weakness types these CVEs map to

Vulnerability data is sourced from the CVE Program; severity, KEV, and exploit signals are aggregated by RadicalNotion.AI.

Track ISC BIND9 vulnerabilities

Monitor new ISC BIND9 vulnerabilities as they are disclosed, with AI-written analysis and remediation guidance.

Start free See pricing

On this page

Overview
Severity and exploitation
Affected versions and CVEs
Common weakness types
Disclosure activity
Other products
FAQ
References