CVE-2025-47981

Name of the Vulnerable Software and Affected Versions Windows versions (affected versions not specified)

Description A critical vulnerability exists in the Windows SPNEGO Extended Negotiation (NEGOEX) security mechanism. This flaw is a heap-based buffer overflow that allows an unauthorized attacker to execute code remotely over a network. The vulnerability is considered 'wormable', meaning it has the potential to spread automatically across networks, similar to WannaCry and NotPetya. Successful exploitation grants attackers complete system control with SYSTEM privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.