CVE-2025-40776 – BIND Named Cache-Poisoning Vulnerability

July 16, 2025

CVE ID : CVE-2025-40776

Published : July 16, 2025, 2:15 p.m. | 3 hours, 59 minutes ago

Description : A `named` caching resolver that is configured to send ECS (EDNS Client Subnet) options may be vulnerable to a cache-poisoning attack.
This issue affects BIND 9 versions 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.37-S1, and 9.20.9-S1 through 9.20.10-S1.

Severity: 8.6 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53923 – Emlog Cross-Site Scripting Vulnerability

Next Article CVE-2025-52836 – Unity Business Technology Pty Ltd The E-Commerce ERP Privilege Escalation Vulnerability

Highlights

CVE-2025-6701 – Xuxueli xxl-sso Open Redirect Vulnerability

June 26, 2025

CVE ID : CVE-2025-6701

Published : June 26, 2025, 4:15 p.m. | 51 minutes ago

Description : A vulnerability, which was classified as problematic, has been found in Xuxueli xxl-sso 1.1.0. This issue affects some unknown processing of the file /xxl-sso-server/doLogin. The manipulation of the argument redirect_url leads to open redirect. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

In-House vs Outsourcing for React.js Development: Understand What Is Best for Your Enterprise

Tiny Screens, Big Impact: The Forgotten Art Of Developing Web Apps For Feature Phones

Kong AI Gateway 3.11 introduces new method for reducing token costs

Native vs hybrid vs cross-platform: Resolving the trilemma

Microsoft’s AI CEO says Google nearly launched “ChatGPT” before OpenAI — but brutal skeptics, fears of disrupting search, and safety concerns thwarted the plan

You’ve got to try these 5 premium Minecraft add-ons — Dinosaurs, security systems, and more really shake up Bedrock Edition

This Microsoft pay scale reveals AI pros are making bank — with compensation packages reaching up to $336,000/year

ZeniMax QA testers face whiplash and “rancid” work morale following Microsoft’s gaming layoffs — but the union still fights

The details of TC39’s last meeting

The details of TC39’s last meeting

Vector Search Embeddings and RAG

Python Meets Power Automate: Trigger via URL

Microsoft’s AI CEO says Google nearly launched “ChatGPT” before OpenAI — but brutal skeptics, fears of disrupting search, and safety concerns thwarted the plan

Microsoft’s AI CEO says Google nearly launched “ChatGPT” before OpenAI — but brutal skeptics, fears of disrupting search, and safety concerns thwarted the plan

You’ve got to try these 5 premium Minecraft add-ons — Dinosaurs, security systems, and more really shake up Bedrock Edition

This Microsoft pay scale reveals AI pros are making bank — with compensation packages reaching up to $336,000/year

CVE-2025-40776 – BIND Named Cache-Poisoning Vulnerability

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

CVE-2025-47940 – TYPO3 Privileged Access Escalation Vulnerability

Raspberry Pi 5 Desktop Mini PC: PiGro – system configuration tool

CVE-2025-6252 – “Qi Addons For Elementor Stored Cross-Site Scripting Vulnerability”

CVE-2025-20965 – Samsung Bixby Unauthenticated Data Access Vulnerability

CVE-2025-6701 – Xuxueli xxl-sso Open Redirect Vulnerability

CVE-2025-48700 – Zimbra Collaboration Cross-Site Scripting (XSS) Vulnerability

Distribution Release: Escuelas Linux 8.12

CVE-2025-32915 – Checkmk Incorrect Package Permissions Vulnerability

CVE-2025-40776 – BIND Named Cache-Poisoning Vulnerability

Related Posts