CCB urgent patch warning for CVE-2026-41089 on Windows servers
Public Sector Action
Summary
Hide ▲
Show ▼
Belgium's CCB warned that CVE-2026-41089 is being actively exploited in the wild, urging admins to immediately patch vulnerable Windows servers because the flaw can enable remote code execution on domain controllers. The advisory covers Windows Netlogon, a core authentication service used in Windows domain-based networks, and the issue affects all currently supported Windows Server versions, including Windows Server 2025. Microsoft had already fixed the bug in the May 2026 Patch Tuesday release.
Related Happenings
Microsoft SharePoint remote code execution (CVE-2026-45659)
Vulnerability
First: 26.05.2026 14:49
Last: 26.05.2026 14:49
Sources 1
About this happening:
**Microsoft SharePoint** **CVE-2026-45659** is a **remote code execution** vulnerability that lets an **authenticated attacker** with **Site Member** permissions run code over the...
Microsoft SharePoint remote code execution (CVE-2026-45659)
VulnerabilityAbout this happening: **Microsoft SharePoint** **CVE-2026-45659** is a **remote code execution** vulnerability that lets an **authenticated attacker** with **Site Member** permissions run code over the...
Microsoft security patch release for CVE-2026-45659
Security Patch Release
First: 26.05.2026 14:49
Last: 26.05.2026 14:49
Sources 1
About this happening:
Microsoft released **SharePoint** updates for **CVE-2026-45659**, a **remote code execution** flaw that could let an authenticated attacker run code over the network without eleva...
Microsoft security patch release for CVE-2026-45659
Security Patch ReleaseAbout this happening: Microsoft released **SharePoint** updates for **CVE-2026-45659**, a **remote code execution** flaw that could let an authenticated attacker run code over the network without eleva...
Windows DNS heap-based buffer overflow remote code execution flaw (CVE-2026-41096)
Vulnerability
First: 13.05.2026 13:36
Last: 13.05.2026 13:36
Sources 1
About this happening:
Microsoft patched **CVE-2026-41096**, a **heap-based buffer overflow** in **Windows DNS** that could let an unauthorized attacker execute code remotely on vulnerable Windows syste...
Windows DNS heap-based buffer overflow remote code execution flaw (CVE-2026-41096)
VulnerabilityAbout this happening: Microsoft patched **CVE-2026-41096**, a **heap-based buffer overflow** in **Windows DNS** that could let an unauthorized attacker execute code remotely on vulnerable Windows syste...
Windows Netlogon stack-based buffer overflow security flaw (CVE-2026-41089)
Vulnerability
First: 13.05.2026 11:15
Last: 13.05.2026 11:15
Sources 1
How related:
On Friday, Belgium's national cybersecurity authority (CCB) warned that attackers are now actively exploiting the CVE-2026-41089 security flaw in the wild and urged admins to immediately patch vulnerable servers.
About this happening:
Microsoft’s **May Patch Tuesday** fixed **CVE-2026-41089**, a **critical** stack-based buffer overflow in **Windows Netlogon** that could let attackers gain **system privileges**...
Windows Netlogon stack-based buffer overflow security flaw (CVE-2026-41089)
VulnerabilityHow related: On Friday, Belgium's national cybersecurity authority (CCB) warned that attackers are now actively exploiting the CVE-2026-41089 security flaw in the wild and urged admins to immediately patch vulnerable servers.
About this happening: Microsoft’s **May Patch Tuesday** fixed **CVE-2026-41089**, a **critical** stack-based buffer overflow in **Windows Netlogon** that could let attackers gain **system privileges**...
CISA orders FCEB remediation for CVE-2025-60710
Public Sector Action
First: 15.04.2026 17:51
Last: 15.04.2026 17:51
Sources 1
About this happening:
CISA added **CVE-2025-60710** to its **actively exploited** catalog and gave **FCEB agencies** **two weeks** to secure systems under **BOD 22-01**. The move targets a **Windows Ta...
CISA orders FCEB remediation for CVE-2025-60710
Public Sector ActionAbout this happening: CISA added **CVE-2025-60710** to its **actively exploited** catalog and gave **FCEB agencies** **two weeks** to secure systems under **BOD 22-01**. The move targets a **Windows Ta...
Timeline
-
01.06.2026 15:30 2 articles · 4h ago
CCB warns of active CVE-2026-41089 exploitation in Windows Netlogon
Industry Or Public Sector UpdateBelgium's Centre for Cybersecurity Belgium (CCB) warned that CVE-2026-41089 in Windows Netlogon is being actively exploited in the wild and urged administrators of vulnerable Windows Server systems to patch immediately. Microsoft says the May 2026 Patch Tuesday fix addresses a stack-based buffer overflow that can let an unauthenticated attacker gain remote code execution on targeted domain controllers, and the flaw affects all currently supported Windows Server versions, including Windows Server 2025.
Show sources
- Critical Windows Netlogon RCE flaw now exploited in attacks — www.bleepingcomputer.com — 01.06.2026 15:30
- Critical Windows Netlogon RCE flaw now exploited in attacks — www.bleepingcomputer.com — 01.06.2026 15:30