.NET Framework Denial of Service Vulnerability

Description

Improper input validation in .NET Framework allows an unauthorized attacker to deny service over a network.

Affected Products

Vendor	Product	Versions
microsoft	.net framework	3.5.0, 4.7.0, 4.8.0, 4.8.1, 4.7.0, 4.8.0

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
microsoft	microsoft .net framework 3.5 and	mitre_affected	90%
microsoft	microsoft .net framework	mitre_affected	90%
microsoft	microsoft .net framework 4.6.2/4.7/4.7.1/4.7.2	mitre_affected	90%

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23666(vendor-advisory, patch)

Related News (6 articles)

Tier B

CERT-FR22h ago

Multiples vulnérabilités dans Microsoft .Net (15 avril 2026)

→ No new info (linked only)

Tier C

Cisco Talos1d ago

Microsoft Patch Tuesday for April 2026 - Snort Rule and Prominent Vulnerabilities

→ No new info (linked only)

Tier C

Qualys Blog1d ago

Microsoft and Adobe Patch Tuesday, April 2026 Security Update Review

→ No new info (linked only)

Tier C

VulDB1d ago

CVE-2026-23666 | Microsoft .NET Framework prior 4.8.9332.0 exceptional condition

→ No new info (linked only)

Tier A

Microsoft MSRC1d ago

CVE-2026-23666 .NET Framework Denial of Service Vulnerability

→ No new info (linked only)

Tier C

CrowdStrike Blog1d ago

April 2026 Patch Tuesday: Two Zero-Days and Eight Critical Vulnerabilities Among 164 CVEs

→ No new info (linked only)

CVSS 3.17.5 HIGH

VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

2.0.50727.8982 & 3.0.30729.89762.0.50727.9068 & 3.0.30729.9065 & 4.7.4141.02.0.50727.9068 & 3.0.30729.9065 & 4.8.4801.02.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.04.8.4801.0

CWECWE-755

PublishedApr 14, 2026

Last enriched1d agov2

Trending Score73

Source articles6

Independent6

Info Completeness9/14

Missing: title, epss, kev, iocs, mitre_attack