CVE Catalog

CVE-2026-41108

HighCVSS 7.0
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.04%

13th percentile - higher than 13% of all known CVEs

Summary

A heap-based buffer overflow in Microsoft Windows DNS allows an authorized attacker to elevate privileges locally.

Risk Assessment

An attacker with appropriate permissions could exploit this vulnerability to gain higher privileges on the system, posing a serious security threat.

Recommendation

It is recommended to update Windows to the latest version to patch this vulnerability and to monitor system access.

Original NVD description (English source)

Heap-based buffer overflow in Microsoft Windows DNS allows an authorized attacker to elevate privileges locally.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS