dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption

A flaw was found in ASP.NET Core SignalR and Blazor Server. A remote attacker could send a specially crafted MessagePack payload containing deeply nested arrays that trigger excessive recursion and cause a stack overflow. This issue may result in application termination and a denial of service...

CVE-2026-45490

Improper authorization in .NET allows an authorized attacker to elevate privileges locally...

CVE-2026-45491

Improper link resolution before file access 'link following' in .NET allows an unauthorized attacker to perform tampering locally...

CVE-2026-45491 .NET Tampering Vulnerability

...

2026-06 .NET 9.0.17 Security Update for ARM64 Client (KB5097150)

2026-06 .NET 9.0.17 Security Update for ARM64 Client KB5097150...

ROS-20260608-73-0026

The vulnerability of the Microsoft Visual Studio software development tool and the .NET software platform is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

ROS-20260608-73-0010

The vulnerability of the .NET software platform is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

ROS-20260608-73-0004

The vulnerability of the .NET software platform lies in the execution of a loop with an exit condition that is not met. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

ROS-20260608-73-0007

The vulnerability of the .NET software platform is related to insufficient testing of output data. Exploiting this vulnerability can allow attackers to enhance their privileges...

ROS-20260608-73-0008

The vulnerability of the .NET software platform is related to insufficient testing of output data. Exploiting this vulnerability can allow attackers to enhance their privileges...

ROS-20260608-73-0022

The vulnerability of the .NET software platform is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

ROS-20260608-73-0021

The vulnerability of the .NET software platform is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a remote attacker to perform spear-phishing attacks...

ROS-20260608-73-0019

The vulnerability of the Microsoft Visual Studio software development tool and the .NET software platform is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

ROS-20260603-73-0002

The vulnerability of the .NET software platform is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

RockyLinux 9 : .NET 8.0 (RLSA-2026:21293)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:21293 advisory. serialize-javascript: serialize-javascript: Denial of Service via specially crafted array-like object serialization CVE-2026-34043 dotnet: .NET: infinit...

USN-8298-1 dotnet8, dotnet9, dotnet10 vulnerability

Muhammad Abdul Rehman discovered that .NET incorrectly handled certain network requests, leading to a loop with an unreachable exit condition. A remote attacker could possibly use this issue to consume excessive resources, resulting in a denial of service...

ROS-20260521-73-0002

A vulnerability in the .NET software platform involves reading outside of the allowed range in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20260521-73-0003

A vulnerability in the .NET software platform involves reading outside the allowed range in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

EUVD-2026-29572

Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally...

ROS-20260508-73-0010

A vulnerability in the .NET software platform is related to incorrect handling of a missing special element. Exploitation of the vulnerability could allow an attacker acting remotely to conduct spoofing attacks...