cbcvebase.
CVE-2026-24297
published 2026-03-10

CVE-2026-24297: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kerberos allows an unauthorized attacker to bypass a…

medium4.8CVSS 3.1
AVNACHPRNUINSUCLILAN
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kerberos allows an unauthorized attacker to bypass a security feature over a network.

Affected

29 ranges· showing 25
VendorProductVersion rangeFixed in
microsoftwindows_10_1607< 10.0.14393.895710.0.14393.8957
microsoftwindows_10_1809< 10.0.17763.851110.0.17763.8511
microsoftwindows_10_21h2< 10.0.19044.705810.0.19044.7058
microsoftwindows_10_22h2< 10.0.19045.705810.0.19045.7058
microsoftwindows_10_version_1607>= 10.0.14393.0 < 10.0.14393.895710.0.14393.8957
microsoftwindows_10_version_1809>= 10.0.17763.0 < 10.0.17763.851110.0.17763.8511
microsoftwindows_10_version_21h2>= 10.0.19044.0 < 10.0.19044.705810.0.19044.7058
microsoftwindows_10_version_22h2>= 10.0.19045.0 < 10.0.19045.705810.0.19045.7058
microsoftwindows_server_2012
microsoftwindows_server_2012>= 6.2.9200.0 < 6.2.9200.259736.2.9200.25973
microsoftwindows_server_2012_r2>= 6.3.9600.0 < 6.3.9600.230746.3.9600.23074
microsoftwindows_server_2016< 10.0.14393.895710.0.14393.8957
microsoftwindows_server_2016>= 10.0.14393.0 < 10.0.14393.895710.0.14393.8957
microsoftwindows_server_2019< 10.0.17763.851110.0.17763.8511
microsoftwindows_server_2019>= 10.0.17763.0 < 10.0.17763.851110.0.17763.8511
msrcwindows_10_version_1607_for_32-bit_systems
msrcwindows_10_version_1607_for_x64-based_systems
msrcwindows_10_version_1809_for_32-bit_systems
msrcwindows_10_version_1809_for_x64-based_systems
msrcwindows_10_version_21h2_for_32-bit_systems
msrcwindows_10_version_21h2_for_arm64-based_systems
msrcwindows_10_version_21h2_for_x64-based_systems
msrcwindows_10_version_22h2_for_32-bit_systems
msrcwindows_10_version_22h2_for_arm64-based_systems
msrcwindows_10_version_22h2_for_x64-based_systems