<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Fri, 03 Jul 2026 09:36:04 +0000</lastBuildDate>
    <item>
      <title>9fdce2cf-0685-4069-8d2a-7573bfbf4b97</title>
      <link>https://vulnerability.circl.lu/sighting/9fdce2cf-0685-4069-8d2a-7573bfbf4b97/export</link>
      <description>{"uuid": "9fdce2cf-0685-4069-8d2a-7573bfbf4b97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24294", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mpixq7m7rf2t", "content": "\ufffd Windows NTLM Reflection Bypass Exposes SYSTEM-Level Control on Fully Patched Systems (CVE-2025-33073 \u2192 CVE-2026-24294) +\u00a0Video\n\n\ud83e\udde0 Introduction: When \u201cFully Patched\u201d Still Means Fully Exposed A system that claims to be secure after updates should inspire confidence, not concern. Yet the discovery\u2026", "creation_timestamp": "2026-06-30T12:07:52.874869Z"}</description>
      <content:encoded>{"uuid": "9fdce2cf-0685-4069-8d2a-7573bfbf4b97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24294", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mpixq7m7rf2t", "content": "\ufffd Windows NTLM Reflection Bypass Exposes SYSTEM-Level Control on Fully Patched Systems (CVE-2025-33073 \u2192 CVE-2026-24294) +\u00a0Video\n\n\ud83e\udde0 Introduction: When \u201cFully Patched\u201d Still Means Fully Exposed A system that claims to be secure after updates should inspire confidence, not concern. Yet the discovery\u2026", "creation_timestamp": "2026-06-30T12:07:52.874869Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/9fdce2cf-0685-4069-8d2a-7573bfbf4b97/export</guid>
      <pubDate>Tue, 30 Jun 2026 12:07:52 +0000</pubDate>
    </item>
    <item>
      <title>55277823-b9c3-4159-8f11-1f5105ea5600</title>
      <link>https://vulnerability.circl.lu/sighting/55277823-b9c3-4159-8f11-1f5105ea5600/export</link>
      <description>{"uuid": "55277823-b9c3-4159-8f11-1f5105ea5600", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24294", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mphsjry5qw2u", "content": "NTLM\u30ea\u30d5\u30ec\u30af\u30b7\u30e7\u30f3\u30d0\u30a4\u30d1\u30b9CVE-2026-24294\u306e\u8106\u5f31\u6027\u3092\u60aa\u7528\u3059\u308bPoC\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u304c\u516c\u958b\u3055\u308c\u308b \n\nNTLM Reflection Bypass CVE-2026-24294 Gets Public PoC Exploit  #DailyCyberSecurity (Jun 29)\n\nsecurityonline.info/ntlm-reflect...", "creation_timestamp": "2026-06-30T01:02:04.156931Z"}</description>
      <content:encoded>{"uuid": "55277823-b9c3-4159-8f11-1f5105ea5600", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24294", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mphsjry5qw2u", "content": "NTLM\u30ea\u30d5\u30ec\u30af\u30b7\u30e7\u30f3\u30d0\u30a4\u30d1\u30b9CVE-2026-24294\u306e\u8106\u5f31\u6027\u3092\u60aa\u7528\u3059\u308bPoC\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u304c\u516c\u958b\u3055\u308c\u308b \n\nNTLM Reflection Bypass CVE-2026-24294 Gets Public PoC Exploit  #DailyCyberSecurity (Jun 29)\n\nsecurityonline.info/ntlm-reflect...", "creation_timestamp": "2026-06-30T01:02:04.156931Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/55277823-b9c3-4159-8f11-1f5105ea5600/export</guid>
      <pubDate>Tue, 30 Jun 2026 01:02:04 +0000</pubDate>
    </item>
    <item>
      <title>b1140e61-bf3e-47fc-a719-832336412fde</title>
      <link>https://vulnerability.circl.lu/sighting/b1140e61-bf3e-47fc-a719-832336412fde/export</link>
      <description>{"uuid": "b1140e61-bf3e-47fc-a719-832336412fde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24294", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mpg4kkkmog23", "content": "Researcher publicly disclosed an NTLM reflection bypass, CVE-2026-24294, with PoC exploit code. It gives SYSTEM on Windows Server 2025. Patch now.\n\n#NTLM #NTLMReflection #CVE202624294 #Windows #PrivEsc #Cybersecurity #Infosec", "creation_timestamp": "2026-06-29T08:56:08.774693Z"}</description>
      <content:encoded>{"uuid": "b1140e61-bf3e-47fc-a719-832336412fde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24294", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mpg4kkkmog23", "content": "Researcher publicly disclosed an NTLM reflection bypass, CVE-2026-24294, with PoC exploit code. It gives SYSTEM on Windows Server 2025. Patch now.\n\n#NTLM #NTLMReflection #CVE202624294 #Windows #PrivEsc #Cybersecurity #Infosec", "creation_timestamp": "2026-06-29T08:56:08.774693Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/b1140e61-bf3e-47fc-a719-832336412fde/export</guid>
      <pubDate>Mon, 29 Jun 2026 08:56:08 +0000</pubDate>
    </item>
    <item>
      <title>ca702bc5-55e5-43b5-b644-3ced397f3640</title>
      <link>https://vulnerability.circl.lu/sighting/ca702bc5-55e5-43b5-b644-3ced397f3640/export</link>
      <description>{"uuid": "ca702bc5-55e5-43b5-b644-3ced397f3640", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24294", "type": "seen", "source": "Telegram/GBpYOLFByJUZNo27RsDzztksilkUG3XAg7CrsrR5OqI_xQ", "content": "", "creation_timestamp": "2026-05-02T13:21:19.000000Z"}</description>
      <content:encoded>{"uuid": "ca702bc5-55e5-43b5-b644-3ced397f3640", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24294", "type": "seen", "source": "Telegram/GBpYOLFByJUZNo27RsDzztksilkUG3XAg7CrsrR5OqI_xQ", "content": "", "creation_timestamp": "2026-05-02T13:21:19.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/ca702bc5-55e5-43b5-b644-3ced397f3640/export</guid>
      <pubDate>Sat, 02 May 2026 13:21:19 +0000</pubDate>
    </item>
    <item>
      <title>c31c1c7a-6598-4f24-993a-193a82eeeb99</title>
      <link>https://vulnerability.circl.lu/sighting/c31c1c7a-6598-4f24-993a-193a82eeeb99/export</link>
      <description>{"uuid": "c31c1c7a-6598-4f24-993a-193a82eeeb99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24294", "type": "seen", "source": "https://t.me/P0x3k_1N73LL1G3NC3/343", "content": "BYPASSING WINDOWS AUTHENTICATION REFLECTION MITIGATIONS FOR SYSTEM SHELLS - PART \u2461\n\nA new arbitrary Kerberos coercion technique (CVE-2026-26128) that led to a complete bypass of the patch of CVE-2025-33073. This short-lived RCE was then transformed into a universal LPE attack.\n\nBYPASSING WINDOWS AUTHENTICATION REFLECTION MITIGATIONS FOR SYSTEM SHELLS - PART 1\n\nAbuse of a new feature of recent Windows versions, namely the ability to connect to SMB shares on arbitrary TCP ports, to achieve local privilege escalation\u00a0(CVE-2026-24294) on up-to-date Windows Server 2025 machines.", "creation_timestamp": "2026-05-02T06:09:03.000000Z"}</description>
      <content:encoded>{"uuid": "c31c1c7a-6598-4f24-993a-193a82eeeb99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24294", "type": "seen", "source": "https://t.me/P0x3k_1N73LL1G3NC3/343", "content": "BYPASSING WINDOWS AUTHENTICATION REFLECTION MITIGATIONS FOR SYSTEM SHELLS - PART \u2461\n\nA new arbitrary Kerberos coercion technique (CVE-2026-26128) that led to a complete bypass of the patch of CVE-2025-33073. This short-lived RCE was then transformed into a universal LPE attack.\n\nBYPASSING WINDOWS AUTHENTICATION REFLECTION MITIGATIONS FOR SYSTEM SHELLS - PART 1\n\nAbuse of a new feature of recent Windows versions, namely the ability to connect to SMB shares on arbitrary TCP ports, to achieve local privilege escalation\u00a0(CVE-2026-24294) on up-to-date Windows Server 2025 machines.", "creation_timestamp": "2026-05-02T06:09:03.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c31c1c7a-6598-4f24-993a-193a82eeeb99/export</guid>
      <pubDate>Sat, 02 May 2026 06:09:03 +0000</pubDate>
    </item>
    <item>
      <title>a04a6df4-8c34-44b0-a4ff-3ed3e2410721</title>
      <link>https://vulnerability.circl.lu/sighting/a04a6df4-8c34-44b0-a4ff-3ed3e2410721/export</link>
      <description>{"uuid": "a04a6df4-8c34-44b0-a4ff-3ed3e2410721", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24294", "type": "seen", "source": "Telegram/yjUnQ6hKYXBxzaCr4Cr42UE0MHqi1VzU3UchLcz_NxtZwAY", "content": "", "creation_timestamp": "2026-04-30T09:00:04.000000Z"}</description>
      <content:encoded>{"uuid": "a04a6df4-8c34-44b0-a4ff-3ed3e2410721", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24294", "type": "seen", "source": "Telegram/yjUnQ6hKYXBxzaCr4Cr42UE0MHqi1VzU3UchLcz_NxtZwAY", "content": "", "creation_timestamp": "2026-04-30T09:00:04.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a04a6df4-8c34-44b0-a4ff-3ed3e2410721/export</guid>
      <pubDate>Thu, 30 Apr 2026 09:00:04 +0000</pubDate>
    </item>
    <item>
      <title>2fa29a9b-f94a-4f32-b8c6-38d76af145bc</title>
      <link>https://vulnerability.circl.lu/sighting/2fa29a9b-f94a-4f32-b8c6-38d76af145bc/export</link>
      <description>{"uuid": "2fa29a9b-f94a-4f32-b8c6-38d76af145bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-24294", "type": "seen", "source": "https://isc.sans.edu/diary/rss/32782", "content": "", "creation_timestamp": "2026-03-11T03:00:20.000000Z"}</description>
      <content:encoded>{"uuid": "2fa29a9b-f94a-4f32-b8c6-38d76af145bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-24294", "type": "seen", "source": "https://isc.sans.edu/diary/rss/32782", "content": "", "creation_timestamp": "2026-03-11T03:00:20.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/2fa29a9b-f94a-4f32-b8c6-38d76af145bc/export</guid>
      <pubDate>Wed, 11 Mar 2026 03:00:20 +0000</pubDate>
    </item>
    <item>
      <title>10e3ac1c-d6fb-4755-a029-9ef36eb5d0ec</title>
      <link>https://vulnerability.circl.lu/sighting/10e3ac1c-d6fb-4755-a029-9ef36eb5d0ec/export</link>
      <description>{"uuid": "10e3ac1c-d6fb-4755-a029-9ef36eb5d0ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-24294", "type": "seen", "source": "https://isc.sans.edu/diary/Microsoft+Patch+Tuesday+March+2026/32782", "content": "", "creation_timestamp": "2026-03-11T03:00:16.000000Z"}</description>
      <content:encoded>{"uuid": "10e3ac1c-d6fb-4755-a029-9ef36eb5d0ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-24294", "type": "seen", "source": "https://isc.sans.edu/diary/Microsoft+Patch+Tuesday+March+2026/32782", "content": "", "creation_timestamp": "2026-03-11T03:00:16.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/10e3ac1c-d6fb-4755-a029-9ef36eb5d0ec/export</guid>
      <pubDate>Wed, 11 Mar 2026 03:00:16 +0000</pubDate>
    </item>
    <item>
      <title>9d2d23e3-3ba4-4919-aaa2-f061e99818a9</title>
      <link>https://vulnerability.circl.lu/sighting/9d2d23e3-3ba4-4919-aaa2-f061e99818a9/export</link>
      <description>{"uuid": "9d2d23e3-3ba4-4919-aaa2-f061e99818a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24294", "type": "seen", "source": "https://krebsonsecurity.com/2026/03/microsoft-patch-tuesday-march-2026-edition/", "content": "", "creation_timestamp": "2026-03-10T23:32:51.000000Z"}</description>
      <content:encoded>{"uuid": "9d2d23e3-3ba4-4919-aaa2-f061e99818a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24294", "type": "seen", "source": "https://krebsonsecurity.com/2026/03/microsoft-patch-tuesday-march-2026-edition/", "content": "", "creation_timestamp": "2026-03-10T23:32:51.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/9d2d23e3-3ba4-4919-aaa2-f061e99818a9/export</guid>
      <pubDate>Tue, 10 Mar 2026 23:32:51 +0000</pubDate>
    </item>
    <item>
      <title>71288b8e-c4dd-4ae9-b09d-7d5aca25f823</title>
      <link>https://vulnerability.circl.lu/sighting/71288b8e-c4dd-4ae9-b09d-7d5aca25f823/export</link>
      <description>{"uuid": "71288b8e-c4dd-4ae9-b09d-7d5aca25f823", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24294", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0080", "content": "", "creation_timestamp": "2026-03-10T19:07:55.000000Z"}</description>
      <content:encoded>{"uuid": "71288b8e-c4dd-4ae9-b09d-7d5aca25f823", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24294", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0080", "content": "", "creation_timestamp": "2026-03-10T19:07:55.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/71288b8e-c4dd-4ae9-b09d-7d5aca25f823/export</guid>
      <pubDate>Tue, 10 Mar 2026 19:07:55 +0000</pubDate>
    </item>
  </channel>
</rss>
