[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-81901":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":9,"language":10,"languages":9,"totalLinesOfCode":9,"stars":11,"forks":12,"watchers":13,"openIssues":14,"contributorsCount":14,"subscribersCount":14,"size":14,"stars1d":15,"stars7d":15,"stars30d":16,"stars90d":14,"forks30d":14,"starsTrendScore":17,"compositeScore":17,"rankGlobal":9,"rankLanguage":9,"license":9,"archived":18,"fork":18,"defaultBranch":19,"hasWiki":18,"hasPages":18,"topics":20,"createdAt":9,"pushedAt":9,"updatedAt":21,"readmeContent":22,"aiSummary":23,"trendingCount":14,"starSnapshotCount":14,"syncStatus":16,"lastSyncTime":24,"discoverSource":25},81901,"CVE-2026-41096-POC","satchfunky\u002FCVE-2026-41096-POC","satchfunky","windows api bug",null,"C",39,9,37,0,1,2,3,false,"main",[],"2026-06-12 02:04:21","the bug is at DnsQueryRaw function (to be specific, inside DnsRawTruncateMessageForUdp) so you need a program to call it. \n\nI could be wrong, but currently there isnt a service or default program in windows 11 that use this function, thats why i needed  client.c.\n\nthis repo has 2 files, client.c and poc.py:\n\nclient.c: it implements DnsQueryRaw (you need to replace the interface index according to your setup)\n\npoc.py: the trigger use scapy, you have to replace variable _iface with the interface of your attacker machine\n\ni leave the exploit of this as an exercise, cheers\n\nPD: windows 10 is safe, that function is specific to windows 11 (and a specific windows server version)\n","该项目针对Windows 11中的DnsQueryRaw函数漏洞提供了一个概念验证（POC）。核心功能是通过C语言编写的client.c调用存在漏洞的API，并使用Python脚本poc.py触发该漏洞。技术特点在于利用了Windows 11特有的DNS处理函数中的缺陷，而此问题在Windows 10中并不存在。适用于安全研究人员或开发者对操作系统底层漏洞进行研究和测试的场景，帮助理解特定版本Windows系统中存在的安全风险。","2026-06-11 04:07:08","CREATED_QUERY"]