DNSSEC

BIND developers warned of two vulnerabilities, CVE-2025-40778 and CVE-2025-40780, that can enable DNS cache poisoning by allowing forged responses to be accepted; patches were released and operators are urged to apply them.