Security Update for Microsoft .NET Core (February 2026)

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the vendor advisory. - .NET Spoofing Vulnerability CVE-2026-21218 Note that Nessus has not tested for this issue but has instead relied only on the...

Untrusted Search Path

Overview Affected versions of this package are vulnerable to Untrusted Search Path. An attacker can achieve remote code execution by planting malicious files on the victim's system, with knowledge of where they should be placed, then tricking a user to run these files. Remediation Upgrade...

Arbitrary Code Execution

Overview Affected versions of this package are vulnerable to Arbitrary Code Execution in the way it reads debugging symbols, where reading a malicious symbols file may result in the exploitation of this vulnerability. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-x64 to version 6.0.13,...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS by sending an invalid request to an exposed endpoint. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users. Unlike other...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS when creating HTTPS web requests while building X509 certificate chains. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users...

Microsoft ASP.NET Core Denial of Service Vulnerability (CNVD-2017-37109)

Microsoft .NET Core is a free open source development platform from Microsoft USA. The platform features multi-language support and cross-platform. A denial of service vulnerability exists in Microsoft .NET Core versions 1.0, 1.1, and 2.0 due to the program failing to properly parse certificate...