A critical stack-based buffer overflow vulnerability (CVE-2026-41089, CVSS 9.8) in Windows Netlogon allows unauthenticated attackers to execute arbitrary code with SYSTEM privileges on domain controllers via specially crafted packets. The vulnerability is actively being exploited in the wild, necessitating immediate patching of affected Windows Server environments.