{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-28T23:44:21.176","vulnerabilities":[{"cve":{"id":"CVE-2025-40775","sourceIdentifier":"security-officer@isc.org","published":"2025-05-21T13:16:02.623","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"When an incoming DNS protocol message includes a Transaction Signature (TSIG), BIND always checks it.  If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure.\nThis issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7."},{"lang":"es","value":"Cuando un mensaje entrante del protocolo DNS incluye una Firma de Transacción (TSIG), BIND siempre la comprueba. Si la TSIG contiene un valor no válido en el campo de algoritmo, BIND cancela inmediatamente la operación con un error de aserción. Este problema afecta a las versiones de BIND 9, de la 9.20.0 a la 9.20.8 y de la 9.21.0 a la 9.21.7."}],"metrics":{"cvssMetricV31":[{"source":"security-officer@isc.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-officer@isc.org","type":"Secondary","description":[{"lang":"en","value":"CWE-232"}]}],"references":[{"url":"https://kb.isc.org/docs/cve-2025-40775","source":"security-officer@isc.org"},{"url":"http://www.openwall.com/lists/oss-security/2025/05/21/1","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.netapp.com/advisory/ntap-20250523-0001/","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}