wid-sec-w-2026-0657
·
Published 2026-03-10
·
View on BSI CERT-Bund ↗
Microsoft ASP.NET and .NET: Multiple Vulnerabilities
CVSS 7.8
HIGH
Risk Summary
Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.
CVEs (3)
Affected Vendors
Microsoft
Oracle
RESF
Red Hat
Ubuntu
Affected Products (5)
Microsoft
·
.NET
10
Microsoft
·
.NET
9
Microsoft
·
ASP.NET
Core 8.0
Microsoft
·
ASP.NET
Core 9.0
Microsoft
·
ASP.NET
Core 10.0
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more