Search CVE reports


Toggle filters

1 – 10 of 96 results


CVE-2026-50659

Medium priority
Vulnerable

Improper encoding or escaping of output in .NET allows an authorized attacker to perform spoofing over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
dotnet6 Not in release Not in release Vulnerable Not in release Not in release
dotnet7 Not in release Not in release Ignored Not in release Not in release
dotnet8 Not in release Vulnerable Vulnerable Not in release Not in release
dotnet9 Not in release Not in release Not in release Not in release Not in release
dotnet10 Vulnerable Vulnerable Not in release Not in release Not in release
Show less packages

CVE-2026-50651

Medium priority
Vulnerable

Allocation of resources without limits or throttling in .NET allows an unauthorized attacker to deny service over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
dotnet6 Not in release Not in release Vulnerable Not in release Not in release
dotnet7 Not in release Not in release Ignored Not in release Not in release
dotnet8 Not in release Vulnerable Vulnerable Not in release Not in release
dotnet9 Not in release Not in release Not in release Not in release Not in release
dotnet10 Vulnerable Vulnerable Not in release Not in release Not in release
Show less packages

CVE-2026-50648

Medium priority
Vulnerable

Allocation of resources without limits or throttling in .NET Framework allows an unauthorized attacker to deny service over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
dotnet6 Not in release Not in release Vulnerable Not in release Not in release
dotnet7 Not in release Not in release Ignored Not in release Not in release
dotnet8 Not in release Vulnerable Vulnerable Not in release Not in release
dotnet9 Not in release Not in release Not in release Not in release Not in release
dotnet10 Vulnerable Vulnerable Not in release Not in release Not in release
Show less packages

CVE-2026-50528

Medium priority
Vulnerable

Incorrect authorization in .NET allows an unauthorized attacker to bypass a security feature over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
dotnet6 Not in release Not in release Vulnerable Not in release Not in release
dotnet7 Not in release Not in release Ignored Not in release Not in release
dotnet8 Not in release Vulnerable Vulnerable Not in release Not in release
dotnet9 Not in release Not in release Not in release Not in release Not in release
dotnet10 Vulnerable Vulnerable Not in release Not in release Not in release
Show less packages

CVE-2026-50527

Medium priority
Vulnerable

Stack-based buffer overflow in .NET Framework allows an unauthorized attacker to deny service over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
dotnet6 Not in release Not in release Vulnerable Not in release Not in release
dotnet7 Not in release Not in release Ignored Not in release Not in release
dotnet8 Not in release Vulnerable Vulnerable Not in release Not in release
dotnet9 Not in release Not in release Not in release Not in release Not in release
dotnet10 Vulnerable Vulnerable Not in release Not in release Not in release
Show less packages

CVE-2026-50526

Medium priority
Vulnerable

Improper link resolution before file access ('link following') in .NET allows an authorized attacker to perform tampering locally.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
dotnet6 Not in release Not in release Vulnerable Not in release Not in release
dotnet7 Not in release Not in release Ignored Not in release Not in release
dotnet8 Not in release Vulnerable Vulnerable Not in release Not in release
dotnet9 Not in release Not in release Not in release Not in release Not in release
dotnet10 Vulnerable Vulnerable Not in release Not in release Not in release
Show less packages

CVE-2026-50525

Medium priority
Vulnerable

Allocation of resources without limits or throttling in .NET allows an unauthorized attacker to deny service over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
dotnet6 Not in release Not in release Vulnerable Not in release Not in release
dotnet7 Not in release Not in release Ignored Not in release Not in release
dotnet8 Not in release Vulnerable Vulnerable Not in release Not in release
dotnet9 Not in release Not in release Not in release Not in release Not in release
dotnet10 Vulnerable Vulnerable Not in release Not in release Not in release
Show less packages

CVE-2026-50524

Medium priority
Vulnerable

Improper validation of specified type of input in .NET Framework allows an unauthorized attacker to deny service over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
dotnet6 Not in release Not in release Vulnerable Not in release Not in release
dotnet7 Not in release Not in release Ignored Not in release Not in release
dotnet8 Not in release Vulnerable Vulnerable Not in release Not in release
dotnet9 Not in release Not in release Not in release Not in release Not in release
dotnet10 Vulnerable Vulnerable Not in release Not in release Not in release
Show less packages

CVE-2026-47304

Medium priority
Vulnerable

Improper verification of cryptographic signature in .NET allows an unauthorized attacker to bypass a security feature over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
dotnet6 Not in release Not in release Vulnerable Not in release Not in release
dotnet7 Not in release Not in release Ignored Not in release Not in release
dotnet8 Not in release Vulnerable Vulnerable Not in release Not in release
dotnet9 Not in release Not in release Not in release Not in release Not in release
dotnet10 Vulnerable Vulnerable Not in release Not in release Not in release
Show less packages

CVE-2026-47303

Medium priority
Vulnerable

Authentication bypass by assumed-immutable data in ASP.NET Core allows an authorized attacker to elevate privileges over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
dotnet6 Not in release Not in release Vulnerable Not in release Not in release
dotnet7 Not in release Not in release Ignored Not in release Not in release
dotnet8 Not in release Vulnerable Vulnerable Not in release Not in release
dotnet9 Not in release Not in release Not in release Not in release Not in release
dotnet10 Vulnerable Vulnerable Not in release Not in release Not in release
Show less packages