A vulnerability was found in ISC BIND up to 9.18.47/9.18.48-S0/9.20.22/9.20.22-S1/9.21.21 and classified as critical . This affects an unknown part of the component DNS-over-HTTPS . The manipulation results in use after free. This vulnerability is reported as CVE-2026-3593 . The attack can be launched remotely. No exploit exists. It is suggested to upgrade the affected component.