Microsoft Asp.net Core 9.0
4 CVEs affecting Microsoft Asp.net Core 9.0. Latest disclosed: 2026-03-10. Critical: 1, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-55315 | Critical | 9.9 | 2025-10-14 | Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature ove… |
CVE-2026-26130 | High | 7.5 | 2026-03-10 | Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network. |
CVE-2025-26682 | High | 7.5 | 2025-04-08 | Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network. |
CVE-2025-24070 | High | 7.0 | 2025-03-11 | Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network. |