Security Alert: ISC Releases Patches for Critical BIND 9 Flaws

ISC published urgent patches for multiple critical BIND 9 vulnerabilities (including CVE-2026-3039, CVE-2026-3593, CVE-2026-5946, CVE-2026-5947, CVE-2026-5950, and CVE-2026-3592) that allow remote unauthenticated actors to cause memory exhaustion, use-after-free corruption, immediate process termination, unbounded retry loops, and DNS amplification; administrators are advised to upgrade to specified fixed versions (9.18.49, 9.20.23, 9.21.22 or Supported Preview builds) and apply mitigations such as disabling DNS-over-HTTPS until patched.