Microsoft .Net 10.0
11 CVEs affecting Microsoft .Net 10.0. Latest disclosed: 2026-05-12. Critical: 0, High: 10.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-26131 | High | 7.8 | 2026-03-10 | Incorrect default permissions in .NET allows an authorized attacker to elevate privileges locally. |
CVE-2026-42899 | High | 7.5 | 2026-05-12 | Loop with unreachable exit condition ('infinite loop') in ASP.NET Core allows an unauthorized attacker to deny service over a network. |
CVE-2026-33116 | High | 7.5 | 2026-04-14 | Loop with unreachable exit condition ('infinite loop') in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network. |
CVE-2026-32203 | High | 7.5 | 2026-04-14 | Stack-based buffer overflow in .NET and Visual Studio allows an unauthorized attacker to deny service over a network. |
CVE-2026-32178 | High | 7.5 | 2026-04-14 | Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network. |
CVE-2026-26171 | High | 7.5 | 2026-04-14 | Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a network. |
CVE-2026-26127 | High | 7.5 | 2026-03-10 | Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network. |
CVE-2026-21218 | High | 7.5 | 2026-02-10 | Improper handling of missing special element in .NET allows an unauthorized attacker to perform spoofing over a network. |
CVE-2026-35433 | High | 7.3 | 2026-05-12 | Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally. |
CVE-2026-32177 | High | 7.3 | 2026-05-12 | Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally. |
CVE-2026-32175 | Medium | 4.3 | 2026-05-12 | A tampering vulnerability exists when .NET Core improperly handles specially crafted files. An attacker who successfully exploited this vulnerability could wri… |