CVE-2026-41089

Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network...

Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws

Microsoft on Tuesday released patches for 138 security vulnerabilities spanning its product portfolio, although none of them have been listed as publicly known or under active attack. Of the 138 flaws, 30 are rated Critical, 104 are rated Important, three are rated Moderate, and one is rated Low ...

Patch Tuesday - May 2026

Microsoft is publishing 137 vulnerabilities on May 2026 Patch Tuesday. Microsoft is not aware of exploitation in the wild or public disclosure for any of these vulnerabilities. So far this month, Microsoft has provided patches to address 133 browser vulnerabilities, which are not included in the...

Patch Tuesday, May 2026 Edition

Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code. That reality is on full display this month with some of the more widely-used software makers --...

EUVD-2026-29681

Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network...

CVE-2026-41089

Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network...

CVE-2026-41089

Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network...

CVE-2026-41089 Windows Netlogon Remote Code Execution Vulnerability

...

CVE-2026-41089 Windows Netlogon Remote Code Execution Vulnerability

...

CVE-2026-41089

CVE-2026-41089 is a Windows Netlogon RCE via a stack-based buffer overflow in CLDAP handling. Affected: Windows Server 2012 through 2025 domain controllers. Mechanism (per provided PoCs): unauthenticated remote is possible by sending crafted CLDAP UDP packets; a 528-byte stack buffer overflow occ...

Windows Netlogon Remote Code Execution Vulnerability

Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network...

PT-2026-40234

Name of the Vulnerable Software and Affected Versions Windows Server versions prior to May 12, 2026 Description A stack-based buffer overflow exists in the Windows Netlogon service, specifically within the MS-NRPC handler. This issue allows an unauthenticated remote attacker to execute arbitrary...

Microsoft Windows Netlogon 安全漏洞

Microsoft Windows Netlogon is an important component of Windows from Microsoft Corporation. Its main functions include authentication between users and machines within a domain network, as well as copying databases for domain control backups. It also helps maintain relationships between domain...

KB5087470: Windows Server 2012 Security Update (May 2026)

The remote Windows host is missing security update 5087470. It is, therefore, affected by multiple vulnerabilities - Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network. CVE-2026-41089 - Heap-based buffer overflow in Windows Win32K - GRFX...

KB5087545: Windows Server 2022 / Azure Stack HCI 22H2 Security Update (May 2026)

The remote Windows host is missing security update 5087545 or hotpatch 5087424. It is, therefore, affected by multiple vulnerabilities - Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network. CVE-2026-41089 - Use after free in Windows Hyper...

KB5087539: Windows Server 2025 Security Update (May 2026)

The remote Windows host is missing security update 5087539 or hotpatch 5087423. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network. CVE-2026-41096 - Stack-based buffer overflow...

KB5087537: Windows 10 Version 1607 / Windows Server 2016 Security Update (May 2026)

The remote Windows host is missing security update 5087537. It is, therefore, affected by multiple vulnerabilities - Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network. CVE-2026-41089 - Heap-based buffer overflow in Windows Win32K - GRFX...

KLA91038 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, gain privileges, execute arbitrary code, obtain sensitive information. Below is a complete list of...

KB5087538: Windows 10 version 1809 / Windows Server 2019 Security Update (May 2026)

The remote Windows host is missing security update 5087538. It is, therefore, affected by multiple vulnerabilities - Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network. CVE-2026-41089 - Heap-based buffer overflow in Windows Win32K - GRFX...

KB5087541: Windows Server version 23H2 Security Update (May 2026)

The remote Windows host is missing security update 5087541. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network. CVE-2026-41096 - Stack-based buffer overflow in Windows Netlogon...