{"vulnerability": "CVE-2026-24294", "sightings": [{"uuid": "ca702bc5-55e5-43b5-b644-3ced397f3640", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24294", "type": "seen", "source": "Telegram/GBpYOLFByJUZNo27RsDzztksilkUG3XAg7CrsrR5OqI_xQ", "content": "", "creation_timestamp": "2026-05-02T13:21:19.000000Z"}, {"uuid": "78495e89-8dda-4929-bc61-f4e1209cdef1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24294", "type": "seen", "source": "https://www.thezdi.com/blog/2026/3/10/the-march-2026-security-update-review", "content": "", "creation_timestamp": "2026-03-10T16:57:37.000000Z"}, {"uuid": "71288b8e-c4dd-4ae9-b09d-7d5aca25f823", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24294", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0080", "content": "", "creation_timestamp": "2026-03-10T19:07:55.000000Z"}, {"uuid": "9d2d23e3-3ba4-4919-aaa2-f061e99818a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24294", "type": "seen", "source": "https://krebsonsecurity.com/2026/03/microsoft-patch-tuesday-march-2026-edition/", "content": "", "creation_timestamp": "2026-03-10T23:32:51.000000Z"}, {"uuid": "10e3ac1c-d6fb-4755-a029-9ef36eb5d0ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-24294", "type": "seen", "source": "https://isc.sans.edu/diary/Microsoft+Patch+Tuesday+March+2026/32782", "content": "", "creation_timestamp": "2026-03-11T03:00:16.000000Z"}, {"uuid": "c31c1c7a-6598-4f24-993a-193a82eeeb99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24294", "type": "seen", "source": "https://t.me/P0x3k_1N73LL1G3NC3/343", "content": "BYPASSING WINDOWS AUTHENTICATION REFLECTION MITIGATIONS FOR SYSTEM SHELLS - PART \u2461\n\nA new arbitrary Kerberos coercion technique (CVE-2026-26128) that led to a complete bypass of the patch of CVE-2025-33073. This short-lived RCE was then transformed into a universal LPE attack.\n\nBYPASSING WINDOWS AUTHENTICATION REFLECTION MITIGATIONS FOR SYSTEM SHELLS - PART 1\n\nAbuse of a new feature of recent Windows versions, namely the ability to connect to SMB shares on arbitrary TCP ports, to achieve local privilege escalation\u00a0(CVE-2026-24294) on up-to-date Windows Server 2025 machines.", "creation_timestamp": "2026-05-02T06:09:03.000000Z"}, {"uuid": "a04a6df4-8c34-44b0-a4ff-3ed3e2410721", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24294", "type": "seen", "source": "Telegram/yjUnQ6hKYXBxzaCr4Cr42UE0MHqi1VzU3UchLcz_NxtZwAY", "content": "", "creation_timestamp": "2026-04-30T09:00:04.000000Z"}, {"uuid": "2fa29a9b-f94a-4f32-b8c6-38d76af145bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-24294", "type": "seen", "source": "https://isc.sans.edu/diary/rss/32782", "content": "", "creation_timestamp": "2026-03-11T03:00:20.000000Z"}]}