CVE-2026-41097 is a Secure Boot bypass vulnerability patched by Microsoft on May 12, 2026. The flaw affects all supported Windows client and server releases; Microsoft rates it Important rather than Critical, reflecting that exploitation likely requires local or pre-boot access rather than a fully remote attack path. No exploitation in the wild has been reported at time of disclosure. Secure Boot bypasses carry disproportionate risk relative to their formal severity rating because a successful exploit can undermine OS-level integrity guarantees, enable persistent bootkit implants, and survive OS reinstalls. Organizations with Secure Boot enforcement policies — including those using Windows Defender Credential Guard or Virtualization-Based Security — should prioritize this patch in their May cumulative update deployment.