Find notable cyber news and cases, enriched with sources, timelines, and signals.

CCB urgent patch warning for CVE-2026-41089 on Windows servers

Public Sector Action
First reported
Last updated
Happening score
H score 48
1 unique sources, 1 articles

Summary

Hide ▲

Belgium's CCB warned that CVE-2026-41089 is being actively exploited in the wild, urging admins to immediately patch vulnerable Windows servers because the flaw can enable remote code execution on domain controllers. The advisory covers Windows Netlogon, a core authentication service used in Windows domain-based networks, and the issue affects all currently supported Windows Server versions, including Windows Server 2025. Microsoft had already fixed the bug in the May 2026 Patch Tuesday release.

Related Happenings

SharePoint Server unauthenticated privilege escalation flaw actively exploited (CVE-2026-56164)

Vulnerability
H score82 First: 14.07.2026 23:25 Last: 14.07.2026 23:25 Sources 1

About this happening: CVE-2026-56164 is an actively exploited SharePoint Server vulnerability that lets an unauthenticated attacker escalate privileges over the network. The flaw puts *...

Latest development: 15.07.2026 12:20

Microsoft’s July 14 Patch Tuesday included CVE-2026-56164, an elevation-of-privilege flaw in Microsoft SharePoint Server that required no existing privileges and was described as low complexity. The zero-day was one of two vulnerabilities in the release that had been exploited in the wild, and Microsoft issued updates for affected systems.

Microsoft Copilot remote code execution flaw (CVE-2026-48561)

Vulnerability
H score33 First: 14.07.2026 22:22 Last: 14.07.2026 22:22 Sources 1

About this happening: A CVE-2026-48561 remote code execution flaw in Microsoft Copilot can let an unauthorized attacker execute code over the network, creating remote takeover risk for affected...

NetScaler ADC/Gateway arbitrary file read security flaw (CVE-2026-10816)

Vulnerability
H score30 First: 01.07.2026 06:54 Last: 01.07.2026 06:54 Sources 1

About this happening: Citrix's NetScaler ADC and NetScaler Gateway now have CVE-2026-10816, a 7.7 flaw that can expose files through unauthenticated arbitrary file read when managem...

Microsoft Malware Protection Engine race-condition elevation-of-privilege remote code execution flaw (CVE-2026-50656)

Vulnerability
H score32 First: 17.06.2026 11:32 Last: 17.06.2026 11:32 Sources 1

About this happening: Microsoft has released a security update for CVE-2026-50656 after public disclosure of RoguePlanet, a privilege-escalation flaw in the Microsoft Malware Protecti...

Windows Collaborative Translation Framework CTFMON improper link resolution EoP security flaw (CVE-2026-45586)

Vulnerability
H score20 First: 09.06.2026 20:57 Last: 09.06.2026 20:57 Sources 1

About this happening: Windows Collaborative Translation Framework (CTFMON) has a local privilege-escalation vulnerability, CVE-2026-45586, that Microsoft patched in June 2026. An author...

Timeline

  1. 01.06.2026 15:30 2 articles · 1mo ago

    CCB warns of active CVE-2026-41089 exploitation in Windows Netlogon

    Industry Or Public Sector Update

    Belgium's Centre for Cybersecurity Belgium (CCB) warned that CVE-2026-41089 in Windows Netlogon is being actively exploited in the wild and urged administrators of vulnerable Windows Server systems to patch immediately. Microsoft says the May 2026 Patch Tuesday fix addresses a stack-based buffer overflow that can let an unauthenticated attacker gain remote code execution on targeted domain controllers, and the flaw affects all currently supported Windows Server versions, including Windows Server 2025.

    Show sources