https://detection.fyi/tags/cve.2026-41089/ Recent content in cve.2026-41089 on Detection.FYI Hugo -- gohugo.io Thu, 11 Jun 2026 11:15:23 +0000 https://detection.fyi/sigmahq/sigma/emerging-threats/2026/exploits/cve-2026-41089/win_application_error_exploit_cve_2026_41089_lsass_netlogon_crash/ Thu, 11 Jun 2026 11:15:23 +0000 https://detection.fyi/sigmahq/sigma/emerging-threats/2026/exploits/cve-2026-41089/win_application_error_exploit_cve_2026_41089_lsass_netlogon_crash/ Detects a crash of the LSASS process where netlogon.dll is the faulting module and the exception code is STATUS_STACK_BUFFER_OVERRUN (0xc0000409). This crash, especially on Domain Controllers, might indicate the exploitation of CVE-2026-41089, a denial of service (DoS) vulnerability, which exists in the Netlogon component of Windows and can be triggered by sending specially crafted requests to the Netlogon service, leading to a stack-based buffer overflow and subsequent crash of the LSASS process.