Microsoft Patch Tuesday for April 2026 - Snort Rule and Prominent Vulnerabilities

Microsoft has released its monthly security update for April 2026, which includes 165 vulnerabilities affecting a wide range of products, including eight Microsoft marked as "critical." CVE-2026-23666 is a critical Denial of Service DoS vulnerability that affects the .NET framework. Successful...

AlmaLinux 8 : .NET 9.0 (ALSA-2026:4443)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:4443 advisory. .net: .NET: Denial of Service via out-of-bounds read CVE-2026-26127 asp.net: ASP.NET Core: Denial of Service via uncontrolled resource allocation...

CVE-2026-26127 .NET Denial of Service Vulnerability

...

MiracleLinux 8 : dotnet8.0-8.0.121-1.el8_10.ML.1 (AXSA:2025-10996:21)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10996:21 advisory. dotnet: .NET Information Disclosure Vulnerability CVE-2025-55248 dotnet: .NET Security Feature Bypass Vulnerability CVE-2025-55315 dotnet: .NET...

Important: Red Hat Security Advisory: .NET 9.0 security update

An update for .NET 9.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

RHEL 9 : .NET 8.0 (RHSA-2025:18149)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:18149 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

ALSA-2025:18153 Important: .NET 9.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.111 and .NET Runtime...

ALSA-2025:18148 Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.121 and .NET Runtime...

CVE-2023-38171

A NULL pointer dereference flaw was found in MsQuic.dll in dotnet, which may lead to a denial of service...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS. A vulnerability exists in .NET when processing malicious X.509 client certificates that may consume excessive CPU. Details Denial of Service DoS describes a family of attacks, all aimed at making a system...

dotnet: Denial of service via untrusted input

An integer overflow condition was found in dotnet and dotnet3.1's BinaryReader Read7BitEncodedInt method. This method is used by BinaryReader's ReadString method, and given a certain input, and cause a denial of service to dotnet applications using BinaryReader. The exploitation of this flaw...