CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2026-41096

CVSS 9.8v3.1pub. 2026-05-12upd. 2026-05-15

Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network.

🤖 AI Analysis
How it works

The vulnerability results from improper heap memory handling in the Windows DNS implementation — classified as CWE-122 (heap-based buffer overflow). An attacker can send specially crafted network data to the DNS service, causing a buffer overflow in the heap area. The result can be overwriting critical memory structures, which enables taking control of the process execution flow and running arbitrary code.

Impact

An unauthenticated remote attacker can execute arbitrary code in the context of the vulnerable DNS service, which in practice can lead to complete system takeover, loss of data confidentiality, and disruption of service availability.

Mitigation & patch

Apply patches available from the manufacturer according to references published at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41096. It is recommended to immediately deploy available Microsoft security updates and — until the patch is installed — consider restricting network access to the DNS service only from trusted sources using a firewall.

Who is affected

Microsoft Windows DNS components — versions indicated in the manufacturer's references (Microsoft Security Response Center).

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Microsoft Windows 11 23h2

    OS
    Microsoft
    < 10.0.22631.7079
  • Microsoft Windows 11 24h2

    OS
    Microsoft
    < 10.0.26100.8390
  • Microsoft Windows 11 25h2

    OS
    Microsoft
    < 10.0.26200.8390
  • Microsoft Windows 11 26h1

    OS
    Microsoft
    < 10.0.28000.2113
  • Microsoft Windows Server 2022 23h2

    OS
    Microsoft
    < 10.0.25398.2330
  • Microsoft Windows Server 2025

    OS
    Microsoft
    < 10.0.26100.32772
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Memory
CWE
References

Related vulnerabilities

CVE-2025-59287CRITICAL9.8⚠ KEVPL ✓ten sam produkt

RCE w Windows Server Update Service (WSUS) — deserializacja danych

CVE-2026-42904CRITICAL9.6PL ✓ten sam produkt

Heap buffer overflow w Windows TCP/IP umożliwia privilege escalation przez sieć

CVE-2026-45602CRITICAL9.1PL ✓ten sam produkt

Podatność typu tampering w Windows DHCP Server umożliwia nieautoryzowaną modyfikację danych

CVE-2026-44815CRITICAL9.8PL ✓ten sam produkt

Stack-based buffer overflow w Windows DHCP Client — zdalne wykonanie kodu

CVE-2026-45657CRITICAL9.8PL ✓ten sam produkt

Use-after-free w Windows Kernel umożliwiające zdalne wykonanie kodu