A newly tracked flaw in the Windows DNS Client shows how a routine resolver path can become a remote code execution risk when memory safety breaks down.
CVE-2026-41096 places the Windows DNS Client in the spotlight: a critical remote code execution bug patched in Microsoft’s May 12, 2026 updates.