RockyLinux 10 : .NET 10.0 (RLSA-2026:25115)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:25115 advisory. dotnet: .NET: Local file tampering via link following vulnerability CVE-2026-45491 dotnet: ASP.NET Core: Denial of Service via uncontrolled resource...

Security Update for Microsoft .NET Core SDK (June 2026)

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by the following vulnerabilities as referenced in the vendor advisory. - Improper authorization in .NET allows an authorized attacker to elevate privileges locally. CVE-2026-45490 Not...

RHEL 9 : .NET 8.0 (RHSA-2026:25220)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25220 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

RHEL 8 : .NET 9.0 (RHSA-2026:25113)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25113 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

AlmaLinux 8 : .NET 10.0 (ALSA-2026:25114)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:25114 advisory. dotnet: .NET: Local file tampering via link following vulnerability CVE-2026-45491 dotnet: ASP.NET Core: Denial of Service via uncontrolled resource...

AlmaLinux 10 : .NET 8.0 (ALSA-2026:25111)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:25111 advisory. dotnet: .NET: Local file tampering via link following vulnerability CVE-2026-45491 dotnet: ASP.NET Core: Denial of Service via uncontrolled resource...

RHEL 9 : .NET 10.0 (RHSA-2026:25222)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25222 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

ALSA-2026:25111 Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.128 and .NET Runtime...

RHEL 9 : .NET 9.0 (RHSA-2026:24336)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:24336 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation...

RHEL 9 : .NET 8.0 (RHSA-2026:24334)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:24334 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

RHEL 10 : .NET 10.0 (RHSA-2026:22145)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:22145 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation...

RockyLinux 9 : .NET 10.0 (RLSA-2026:21297)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:21297 advisory. dotnet: .NET: infinite loop allows an attacker to cause a denial of service CVE-2026-42899 Tenable has extracted the preceding description block directly from th...

RHEL 8 : .NET 9.0 (RHSA-2026:21294)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:21294 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation...

ROS-20260521-73-0001

A vulnerability in the .NET software platform is related to incorrectly used standard permissions. Exploitation of the vulnerability could allow an attacker to escalate privileges...

Security Updates for Microsoft Visual Studio Products (May 2026)

The Microsoft Visual Studio Products are missing security updates. It is, therefore, affected by multiple vulnerabilities: - Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally. CVE-2026-32177 - A tampering vulnerability exists when .NET Core improperl...

CVE-2026-35433

Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally...

CVE-2026-32177

Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally...

PT-2026-39162

Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a network...

ROS-20260508-73-0011

A vulnerability in the .NET software platform is related to incorrect handling of a missing special element. Exploitation of the vulnerability could allow an attacker acting remotely to conduct spoofing attacks...

dotnet: .NET: Security Bypass and Denial of Service Vulnerability

A flaw was found in .NET. A remote attacker could exploit a vulnerability related to unsafe transforms in EncryptedXml. This could lead to a Denial of Service DoS, making the service unavailable, and a bypass of security features...