Microsoft .Net 8.0
37 CVEs affecting Microsoft .Net 8.0. Latest disclosed: 2026-05-12. Critical: 1, High: 29.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-0057 | Critical | 9.1 | 2024-01-09 | NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability |
CVE-2025-21176 | High | 8.8 | 2025-01-14 | .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability |
CVE-2024-0056 | High | 8.7 | 2024-01-09 | Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability |
CVE-2023-36038 | High | 8.2 | 2023-11-14 | ASP.NET Core Denial of Service Vulnerability |
CVE-2024-38229 | High | 8.1 | 2024-10-08 | .NET and Visual Studio Remote Code Execution Vulnerability |
CVE-2024-35264 | High | 8.1 | 2024-07-09 | .NET and Visual Studio Remote Code Execution Vulnerability |
CVE-2025-26646 | High | 8.0 | 2025-05-13 | External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a networ… |
CVE-2023-36049 | High | 7.6 | 2023-11-14 | .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability |
CVE-2026-42899 | High | 7.5 | 2026-05-12 | Loop with unreachable exit condition ('infinite loop') in ASP.NET Core allows an unauthorized attacker to deny service over a network. |
CVE-2026-33116 | High | 7.5 | 2026-04-14 | Loop with unreachable exit condition ('infinite loop') in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network. |
CVE-2026-32203 | High | 7.5 | 2026-04-14 | Stack-based buffer overflow in .NET and Visual Studio allows an unauthorized attacker to deny service over a network. |
CVE-2026-32178 | High | 7.5 | 2026-04-14 | Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network. |
CVE-2026-26171 | High | 7.5 | 2026-04-14 | Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a network. |
CVE-2026-21218 | High | 7.5 | 2026-02-10 | Improper handling of missing special element in .NET allows an unauthorized attacker to perform spoofing over a network. |
CVE-2025-30399 | High | 7.5 | 2025-06-13 | Untrusted search path in .NET and Visual Studio allows an unauthorized attacker to execute code over a network. |
CVE-2025-21172 | High | 7.5 | 2025-01-14 | .NET and Visual Studio Remote Code Execution Vulnerability |
CVE-2024-43485 | High | 7.5 | 2024-10-08 | .NET and Visual Studio Denial of Service Vulnerability |
CVE-2024-43484 | High | 7.5 | 2024-10-08 | .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability |
CVE-2024-43483 | High | 7.5 | 2024-10-08 | .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability |
CVE-2024-38168 | High | 7.5 | 2024-08-13 | .NET and Visual Studio Denial of Service Vulnerability |