0xABCD01/CVE-2026-41089

GitHub: 0xABCD01/CVE-2026-41089

CVE-2026-41089漏洞PoC测试工具

Stars: 157 | Forks: 55

# CVE-2026-41089 ![CVSS](https://img.shields.io/badge/CVSS_3.1-9.8_CRITICAL-red?style=for-the-badge) ![CWE](https://img.shields.io/badge/CWE-121-orange?style=for-the-badge) ![Python](https://img.shields.io/badge/Python-3.8+-blue?style=for-the-badge&logo=python&logoColor=white) ![License](https://img.shields.io/badge/License-MIT-green?style=for-the-badge) | | | |---|---| | **攻击向量** | UDP 389 (CLDAP), 预认证，零凭证 | | **影响** | LSASS 崩溃，DC 重启，潜在的 RCE | | **CWE** | CWE-121 (基于堆的缓冲区溢出) | | **CVSS 向量** | `AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H` | | **发布日期** | 2026年5月12日，由微软发布 | ## 参考资料 - [微软安全更新指南](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41089) - [NVD - CVE-2026-41089](https://nvd.nist.gov/vuln/detail/CVE-2026-41089) - [0patch 分析和微补丁](https://blog.0patch.com/2026/05/micropatches-released-for-windows_0304568783.html) - [Aretiq AI 反向工程](https://aretiq.ai/research/vul260513-cve-2026-41089-microsoft-windows-netlogon-buildsamlogonresponse-stack-based-buffer-overflow-rce/) - [RFC 4511 - LDAP](https://tools.ietf.org/html/rfc4511) - [MS-ADTS - CLDAP DC 定位器](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/0de3704e-a799-4afa-b12a-3fef2f8e2e66) **[MIT 许可证](LICENSE)**

标签：逆向工具