isc.sans.edu 5/12/2026, 7:20:35 PM · external

Microsoft May 2026 Patch Tuesday, (Tue, May 12th)

Microsoft May 2026 Patch Tuesday, (Tue, May 12th)

CyberSIXT Evidence Panel

CVE Intel

CVE-2026-41103 - NVD Not in KEV 9.1 CRITICAL

CVE-2026-41089 - NVD Not in KEV 9.8 CRITICAL

CISA KEV Not in KEV

Patch Patch Available

ON May 12, 2026, Microsoft released a patch addressing 137 vulnerabilities, including significant issues within the Microsoft SSO Plugin for Jira & Confluence and a preauthentication remote code execution vulnerability in the Netlogon service. No previously disclosed vulnerabilities were part of this update. Certain vulnerabilities related to Microsoft Azure required no customer action.

Key vulnerabilities include CVE-2026-41103 (critical) affecting the Microsoft SSO Plugin, CVE-2026-41089 (critical) related to Netlogon, and several Microsoft Office vulnerabilities. Details on severity and CVSS scores for vulnerabilities are included.

View full article

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline

#7 Jun 1, 2026, 03:02 PM

securityweek.com
Belgium flags active exploitation of CVE-2026-41089 Netlogon flaw
#6 Jun 1, 2026, 02:26 AM

securityonline.info
Netlogon RCE bug CVE-2026-41089 exposes domain controllers
#5 May 13, 2026, 07:28 PM

securityaffairs.com
Microsoft Patch Tuesday for May 2026 fix 138 bugs, some of them are alarming
#4 May 13, 2026, 04:01 PM

securityweek.com
AI scanners find critical Windows bugs and dozens of new advisories
#3 May 13, 2026, 12:22 AM

rapid7.com
Microsoft Patch Tuesday patches Netlogon and DNS RCE flaws
#2 May 12, 2026, 06:29 PM Current article

isc.sans.edu
Microsoft May 2026 Patch Tuesday, (Tue, May 12th)
#1 May 12, 2026, 06:07 PM

securityweek.com
Microsoft Patches 137 Vulnerabilities