CVE-2026-41096

Published May 12, 2026

Last updated 2 months ago

Overview

AI description

Automated description summarized from trusted sources.

CVE-2026-41096 is identified as a heap-based buffer overflow vulnerability residing within the Microsoft Windows DNS client, specifically affecting the `dnsapi.dll` component. This flaw can be triggered when the Windows DNS client improperly processes specially crafted DNS responses. An unauthenticated remote attacker can exploit this vulnerability by sending malicious DNS traffic to a vulnerable system, requiring no user interaction. Successful exploitation allows for arbitrary code execution in the context of the DNS service, which typically operates with elevated privileges. The vulnerability impacts Windows 11 client builds 23H2 through 26H1, Windows Server 2022 23H2, and Windows Server 2025.

Description
Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network.
Source
secure@microsoft.com
NVD status
Analyzed
Products
windows_11_23h2, windows_11_24h2, windows_11_25h2, windows_11_26h1, windows_server_2022_23h2, windows_server_2025

Risk scores

CVSS 3.1

Type
Primary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

secure@microsoft.com
CWE-122

Social media

Hype score
Not currently trending
  1. ''CVE-2026-41096: Heap Overflow in the Windows DNS Client'' #infosec #pentest #redteam #blueteam https://t.co/HShSgX4u63

    @CyberWarship

    20 Jun 2026

    2337 Impressions

    9 Retweets

    24 Likes

    14 Bookmarks

    1 Reply

    0 Quotes

  2. Critical RCE in Windows DNS Client (CVE-2026-41096) & XQUIC protocol manipulation (CVE-2026-6328) threaten data privacy & integrity in transit. DNS cache poisoning also reported in dnsmasq. Patch now! #Cybersecurity #Vulnerabilities #DNS

    @YourAnon_irc

    8 Jun 2026

    57 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Cisco SD-WAN (CVE-2026-20245) & Unified CM (CVE-2026-20230) actively exploited. Windows DNS Client RCE (CVE-2026-41096) & Oracle WebLogic Proxy (CVE-2026-21962) pose critical risks. Data privacy & integrity in transit are at stake. #Cybersecurity #News

    @YourAnon_irc

    5 Jun 2026

    77 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. GitHub - TwoSevenOneT/CVE-2026-41096-Attack-Surface: Attack surface in the real-world environment of CVE-2026-41096 · GitHub - https://t.co/n6JtN7YxF7

    @piedpiper1616

    4 Jun 2026

    232 Impressions

    0 Retweets

    1 Like

    1 Bookmark

    0 Replies

    0 Quotes

  5. Recent alerts: Palo Alto Networks PAN-OS (CVE-2026-0257) has an auth bypass, impacting network integrity. DNS Client (CVE-2026-41096) RCE via crafted DNS poses data privacy & integrity risks. Patch urgently! #Cybersecurity #News #Vulnerabilities

    @YourAnon_irc

    30 May 2026

    68 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  6. Top 5 Trending CVEs: 1 - CVE-2026-5426 2 - CVE-2023-29218 3 - CVE-2026-2031 4 - CVE-2026-41096 5 - CVE-2024-53141 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    26 May 2026

    145 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  7. A critical Windows DNS Client RCE (CVE-2026-41096) and an actively exploited Exchange Server zero-day (CVE-2026-42897) threaten data privacy/integrity in transit. Patch urgently. #Cybersecurity #Vulnerabilities #News

    @YourAnon_irc

    21 May 2026

    74 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. Recent DNS DoS and Windows DNS RCE (CVE-2026-41096) expose transit data via network code execution. A Cisco SD-WAN zero-day (CVE-2026-20182) also risks integrity/privacy in transit. Patch now! #Cybersecurity #NetSec #Vulnerabilities

    @YourAnon_irc

    21 May 2026

    69 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. Microsoft's May 2026 Patch Tuesday includes a Critical Windows DNS Client RCE (CVE-2026-41096). Unauth. code execution via crafted DNS responses threatens network security & data integrity in transit. Patch now! #Cybersecurity #DNS #News

    @YourAnon_irc

    20 May 2026

    56 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. 🚨 May Microsoft Patch Tuesday: 119 vulns, 1 public exploit 🔥 EoP Windows Kernel (CVE-2026-40369); RCE DNS Client (CVE-2026-41096), Netlogon DC RCE (CVE-2026-41089), TCP/IP UAF (CVE-2026-40415) #PatchTuesday #Microsoft #Windows #AD #Vulristics ➡️ https://t.co/A8REynPvse

    @leonov_av

    19 May 2026

    99 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. ⚠️ CVE-2026-41096: New Windows DNS Vulnerability https://t.co/sNH5Msf9E9 A critical Windows DNS Client flaw, CVE-2026-41096, could let attackers run code by sending a malicious DNS response to a normal network query. Microsoft says exploitation is unlikely, but the attack

    @dnsaudit

    18 May 2026

    132 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. Critical exploits (May 16): Exchange (CVE-2026-42897), SD-WAN (CVE-2026-20182) & DNS (CVE-2026-41096) severely threaten data privacy/integrity in transit. NGINX QUIC/SSL flaws deepen risks. #Cybersecurity #Vulnerabilities #News

    @YourAnon_irc

    17 May 2026

    108 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  13. New zero-days hit Microsoft Exchange (XSS/spoofing, CVE-2026-42897) & Windows DNS Client (RCE, CVE-2026-41096), plus Exim MTA (RCE, CVE-2026-45185). Critical for data privacy & integrity in transit. Patch ASAP! #Cybersecurity #InfoSec #Vulnerabilities

    @YourAnon_irc

    17 May 2026

    76 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. New critical flaws: Exchange zero-day (CVE-2026-42897) actively exploited, Windows DNS Client RCE (CVE-2026-41096), & Cisco SD-WAN auth bypass (CVE-2026-20182). These threaten data privacy/integrity in transit. Patch NOW! #Cybersecurity #ZeroDay #News

    @YourAnon_irc

    15 May 2026

    84 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  15. May 2026 Patch Tuesday: no zero-days for once. But CVE-2026-41089 (Netlogon, CVSS 9.8) = unauthenticated RCE on domain controllers. CVE-2026-41096 (DNS Client, CVSS 9.8) = every Windows machine.  PoC code typically follows within days. Patch this week. #CyberSecurity https://t

    @DIESEC_GmbH

    15 May 2026

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  16. Microsoft、定例パッチで危険な脆弱性を修正(CVE-2026-41089・CVE-2026-41096・CVE-2026-41103) - 合同会社ロケットボーイズ https://t.co/VosZIxjncz @GoogleNewsより

    @CreatorRuru

    14 May 2026

    60 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  17. Microsoft、定例パッチで危険な脆弱性を修正(CVE-2026-41089・CVE-2026-41096・CVE-2026-41103) https://t.co/if7T1McADS #セキュリティ対策Lab #security #securitynews

    @securityLab_jp

    14 May 2026

    131 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. Top 5 Trending CVEs: 1 - CVE-2026-21510 2 - CVE-2026-46300 3 - CVE-2026-41096 4 - CVE-2026-0300 5 - CVE-2026-34263 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    14 May 2026

    128 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  19. Critical vulnerability in Windows DNS service leaks to unauthenticated RCE by exploiting heap based buffer overflow remotely. Marked as CVE-2026-41096. Advisory: https://t.co/JBJJOEiD9E. #cve #critical #vulnerability https://t.co/NX8HcJWMvb

    @triunedigisec

    14 May 2026

    45 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  20. CVE-2026-41096: ‼️🚨 Microsoft has patched a critical Windows DNS Client remote code execution vulnerability that allows an unauthorized attacker to execute code over a network. All it takes is a malicious DNS response. The vulnerability is tracked as CVE-2026-41096 with a

    @lyrie_ai

    14 May 2026

    26 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    1 Reply

    0 Quotes

  21. 🚨 Alertes sécurité CVE-2026-41089 et CVE-2026-41096 sur Windows 🚨 Des failles Windows permettent l'exécution de code à distance via le réseau, impactant prioritairement les serveurs Active Directory. https://t.co/GXh3dBpG7E

    @LoginSecurite

    13 May 2026

    43 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  22. 🚨 Microsoft Patch Tuesday May 2026 fixes 138 vulnerabilities ⚠️ Critical flaws include: 🔥 CVE-2026-41096 🔥 CVE-2026-41089 Patch immediately — especially domain controllers & internet-facing systems. 🔗 https://t.co/CChfZZbxnK #CyberSecurity #PatchTuesday

    @vulert_official

    13 May 2026

    42 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  23. Windows Client (11) and Server (2022 &2025) OS have a 9.8 (Critical) Windows DNS Client Remote Code Execution vulnerability (CVE-2026-41096) that allows an unauthorized attacker to execute code over a network

    @SirMwangala

    13 May 2026

    117 Impressions

    0 Retweets

    1 Like

    1 Bookmark

    0 Replies

    0 Quotes

  24. 2026年5月ぱっちちゅーずでーまとめ ◆Microsoft https://t.co/32GkHwPEhg CVE-2026-42898 Microsoft Dynamics 365 オンプレミスのリモートでコードが実行される脆弱性 CVE-2026-42823 Azure Logic Apps の特権昇格の脆弱性 CVE-2026-41096 Windows

    @taku888infinity

    13 May 2026

    898 Impressions

    0 Retweets

    2 Likes

    1 Bookmark

    0 Replies

    0 Quotes

Configurations

References

Sources include official advisories and independent security research.