A newly disclosed security flaw has put more than 706,000 BIND 9 DNS resolvers worldwide at risk of cache poisoning attacks, according to an advisory published by the Internet Systems Consortium (ISC) on October 22, 2025. The vulnerability, identified as CVE-2025-40778, carries a CVSS v3.1 severity score of 8.6 (High) and could enable remote attackers to inject forged DNS records into resolver caches.
First seen on thecyberexpress.com
Jump to article: thecyberexpress.com/cve-2025-40778-flaw-exposes-706k-servers/
