Critical Windows Netlogon RCE Vulnerability Under Active Exploitation

**Critical Netlogon RCE (CVE-2026-41089) actively exploited:** The report warns that an unauthenticated remote code execution flaw in Windows Netlogon affecting domain controllers is being exploited in the wild, can yield SYSTEM-level access, and urges immediate patching (May 2026 updates), network monitoring for anomalous Netlogon requests, and hardening of Netlogon access to mitigate risk.