CVE-2025-40780 · HIGH 8.6 · EPSS p32.6%

Description

In specific circumstances, due to a weakness in the Pseudo Random Number Generator (PRNG) that is used, it is possible for an attacker to predict the source port and query ID that BIND will use. This issue affects BIND 9 versions 9.16.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.16.8-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.

Scoring

CVSS 3.1: 8.6 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
EPSS: 0.41% probability of exploitation · percentile 32.6% · 2026-06-19T12:03:05Z
Published: 2025-10-22
Last modified: 2026-04-15

Underlying weaknesses · 1

CWE-341

References

  1. https://kb.isc.org/docs/cve-2025-40780
  2. http://www.openwall.com/lists/oss-security/2025/10/22/1

Type | Target | Confidence | Tier
Weakness | Predictable from Observable State (cwe-341) | 0% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE: CVE-2025-40778
CVE: CVE-2025-40776
CVE: CVE-2026-3593
CVE: CVE-2026-34871
CVE: CVE-2025-59023
CVE: CVE-2026-42000

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.