CVE-2026-41096

Name of the Vulnerable Software and Affected Versions Microsoft Windows DNS (affected versions not specified)

Description A heap-based buffer overflow exists in dnsapi.dll, the Windows component responsible for processing DNS answers. This flaw allows an unauthorized remote attacker to execute arbitrary code over a network by sending a malicious DNS response. The issue affects the Windows DNS Client path, meaning any activity that triggers a DNS query—such as web browsing, VPN clients, enterprise applications, and background services—is potentially at risk. Exploitation can occur if an attacker can influence DNS responses via a rogue DNS server, a poisoned resolver, a compromised router, hostile WiFi, or a man-in-the-middle position.

Recommendations Deploy the May 2026 cumulative updates. Restrict DNS traffic to trusted resolvers where possible. Monitor Dnscache and svchost.exe for abnormal child processes or unexpected outbound activity.