AI description
CVE-2026-41096 is identified as a heap-based buffer overflow vulnerability residing within the Microsoft Windows DNS client, specifically affecting the `dnsapi.dll` component. This flaw can be triggered when the Windows DNS client improperly processes specially crafted DNS responses. An unauthenticated remote attacker can exploit this vulnerability by sending malicious DNS traffic to a vulnerable system, requiring no user interaction. Successful exploitation allows for arbitrary code execution in the context of the DNS service, which typically operates with elevated privileges. The vulnerability impacts Windows 11 client builds 23H2 through 26H1, Windows Server 2022 23H2, and Windows Server 2025.
- Description
- Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network.
- Source
- secure@microsoft.com
- NVD status
- Analyzed
- Products
- windows_11_23h2, windows_11_24h2, windows_11_25h2, windows_11_26h1, windows_server_2022_23h2, windows_server_2025
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- secure@microsoft.com
- CWE-122
- Hype score
- Not currently trending
''CVE-2026-41096: Heap Overflow in the Windows DNS Client'' #infosec #pentest #redteam #blueteam https://t.co/HShSgX4u63
@CyberWarship
20 Jun 2026
2337 Impressions
9 Retweets
24 Likes
14 Bookmarks
1 Reply
0 Quotes
Critical RCE in Windows DNS Client (CVE-2026-41096) & XQUIC protocol manipulation (CVE-2026-6328) threaten data privacy & integrity in transit. DNS cache poisoning also reported in dnsmasq. Patch now! #Cybersecurity #Vulnerabilities #DNS
@YourAnon_irc
8 Jun 2026
57 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cisco SD-WAN (CVE-2026-20245) & Unified CM (CVE-2026-20230) actively exploited. Windows DNS Client RCE (CVE-2026-41096) & Oracle WebLogic Proxy (CVE-2026-21962) pose critical risks. Data privacy & integrity in transit are at stake. #Cybersecurity #News
@YourAnon_irc
5 Jun 2026
77 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
GitHub - TwoSevenOneT/CVE-2026-41096-Attack-Surface: Attack surface in the real-world environment of CVE-2026-41096 · GitHub - https://t.co/n6JtN7YxF7
@piedpiper1616
4 Jun 2026
232 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
Recent alerts: Palo Alto Networks PAN-OS (CVE-2026-0257) has an auth bypass, impacting network integrity. DNS Client (CVE-2026-41096) RCE via crafted DNS poses data privacy & integrity risks. Patch urgently! #Cybersecurity #News #Vulnerabilities
@YourAnon_irc
30 May 2026
68 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2026-5426 2 - CVE-2023-29218 3 - CVE-2026-2031 4 - CVE-2026-41096 5 - CVE-2024-53141 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
26 May 2026
145 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
A critical Windows DNS Client RCE (CVE-2026-41096) and an actively exploited Exchange Server zero-day (CVE-2026-42897) threaten data privacy/integrity in transit. Patch urgently. #Cybersecurity #Vulnerabilities #News
@YourAnon_irc
21 May 2026
74 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Recent DNS DoS and Windows DNS RCE (CVE-2026-41096) expose transit data via network code execution. A Cisco SD-WAN zero-day (CVE-2026-20182) also risks integrity/privacy in transit. Patch now! #Cybersecurity #NetSec #Vulnerabilities
@YourAnon_irc
21 May 2026
69 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft's May 2026 Patch Tuesday includes a Critical Windows DNS Client RCE (CVE-2026-41096). Unauth. code execution via crafted DNS responses threatens network security & data integrity in transit. Patch now! #Cybersecurity #DNS #News
@YourAnon_irc
20 May 2026
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 May Microsoft Patch Tuesday: 119 vulns, 1 public exploit 🔥 EoP Windows Kernel (CVE-2026-40369); RCE DNS Client (CVE-2026-41096), Netlogon DC RCE (CVE-2026-41089), TCP/IP UAF (CVE-2026-40415) #PatchTuesday #Microsoft #Windows #AD #Vulristics ➡️ https://t.co/A8REynPvse
@leonov_av
19 May 2026
99 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ CVE-2026-41096: New Windows DNS Vulnerability https://t.co/sNH5Msf9E9 A critical Windows DNS Client flaw, CVE-2026-41096, could let attackers run code by sending a malicious DNS response to a normal network query. Microsoft says exploitation is unlikely, but the attack
@dnsaudit
18 May 2026
132 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical exploits (May 16): Exchange (CVE-2026-42897), SD-WAN (CVE-2026-20182) & DNS (CVE-2026-41096) severely threaten data privacy/integrity in transit. NGINX QUIC/SSL flaws deepen risks. #Cybersecurity #Vulnerabilities #News
@YourAnon_irc
17 May 2026
108 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
New zero-days hit Microsoft Exchange (XSS/spoofing, CVE-2026-42897) & Windows DNS Client (RCE, CVE-2026-41096), plus Exim MTA (RCE, CVE-2026-45185). Critical for data privacy & integrity in transit. Patch ASAP! #Cybersecurity #InfoSec #Vulnerabilities
@YourAnon_irc
17 May 2026
76 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New critical flaws: Exchange zero-day (CVE-2026-42897) actively exploited, Windows DNS Client RCE (CVE-2026-41096), & Cisco SD-WAN auth bypass (CVE-2026-20182). These threaten data privacy/integrity in transit. Patch NOW! #Cybersecurity #ZeroDay #News
@YourAnon_irc
15 May 2026
84 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
May 2026 Patch Tuesday: no zero-days for once. But CVE-2026-41089 (Netlogon, CVSS 9.8) = unauthenticated RCE on domain controllers. CVE-2026-41096 (DNS Client, CVSS 9.8) = every Windows machine. PoC code typically follows within days. Patch this week. #CyberSecurity https://t
@DIESEC_GmbH
15 May 2026
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft、定例パッチで危険な脆弱性を修正(CVE-2026-41089・CVE-2026-41096・CVE-2026-41103) - 合同会社ロケットボーイズ https://t.co/VosZIxjncz @GoogleNewsより
@CreatorRuru
14 May 2026
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft、定例パッチで危険な脆弱性を修正(CVE-2026-41089・CVE-2026-41096・CVE-2026-41103) https://t.co/if7T1McADS #セキュリティ対策Lab #security #securitynews
@securityLab_jp
14 May 2026
131 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2026-21510 2 - CVE-2026-46300 3 - CVE-2026-41096 4 - CVE-2026-0300 5 - CVE-2026-34263 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
14 May 2026
128 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Critical vulnerability in Windows DNS service leaks to unauthenticated RCE by exploiting heap based buffer overflow remotely. Marked as CVE-2026-41096. Advisory: https://t.co/JBJJOEiD9E. #cve #critical #vulnerability https://t.co/NX8HcJWMvb
@triunedigisec
14 May 2026
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2026-41096: ‼️🚨 Microsoft has patched a critical Windows DNS Client remote code execution vulnerability that allows an unauthorized attacker to execute code over a network. All it takes is a malicious DNS response. The vulnerability is tracked as CVE-2026-41096 with a
@lyrie_ai
14 May 2026
26 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
🚨 Alertes sécurité CVE-2026-41089 et CVE-2026-41096 sur Windows 🚨 Des failles Windows permettent l'exécution de code à distance via le réseau, impactant prioritairement les serveurs Active Directory. https://t.co/GXh3dBpG7E
@LoginSecurite
13 May 2026
43 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 Microsoft Patch Tuesday May 2026 fixes 138 vulnerabilities ⚠️ Critical flaws include: 🔥 CVE-2026-41096 🔥 CVE-2026-41089 Patch immediately — especially domain controllers & internet-facing systems. 🔗 https://t.co/CChfZZbxnK #CyberSecurity #PatchTuesday
@vulert_official
13 May 2026
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Windows Client (11) and Server (2022 &2025) OS have a 9.8 (Critical) Windows DNS Client Remote Code Execution vulnerability (CVE-2026-41096) that allows an unauthorized attacker to execute code over a network
@SirMwangala
13 May 2026
117 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
2026年5月ぱっちちゅーずでーまとめ ◆Microsoft https://t.co/32GkHwPEhg CVE-2026-42898 Microsoft Dynamics 365 オンプレミスのリモートでコードが実行される脆弱性 CVE-2026-42823 Azure Logic Apps の特権昇格の脆弱性 CVE-2026-41096 Windows
@taku888infinity
13 May 2026
898 Impressions
0 Retweets
2 Likes
1 Bookmark
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*",
"matchCriteriaId": "D039A905-2FE4-4A10-85BF-175947E6A017",
"versionEndExcluding": "10.0.22631.7079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "4904DDBD-B183-4AA2-ABD6-47BAF1A28861",
"versionEndExcluding": "10.0.22631.7079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*",
"matchCriteriaId": "048AD3CD-DD62-4B62-9302-61779D998B4A",
"versionEndExcluding": "10.0.26100.8390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "3682F4DD-0870-4E39-B75E-649C89BB1E08",
"versionEndExcluding": "10.0.26100.8390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*",
"matchCriteriaId": "C2C93D38-DFD7-4DE1-95B8-6D73E4A545D6",
"versionEndExcluding": "10.0.26200.8390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "05EB89A0-2ADD-4B67-A644-41FE1DE69E4A",
"versionEndExcluding": "10.0.26200.8390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*",
"matchCriteriaId": "D45A5D2F-E058-4033-B184-BAE224FC1CEA",
"versionEndExcluding": "10.0.28000.2113",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "5127F350-9271-4B74-84E0-D7E5D2D5640E",
"versionEndExcluding": "10.0.28000.2113",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F26150-16EA-4D34-8BE9-2EE7C745D707",
"versionEndExcluding": "10.0.25398.2330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9ABAB3B9-28AF-4278-8E78-E1191B1AFC0C",
"versionEndExcluding": "10.0.26100.32772",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]