CVE-2026-26130PATCHED

microsoft · asp.net core

ASP.NET Core Denial of Service Vulnerability

Description

Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.

Affected Products

Vendor	Product	Versions
microsoft	asp.net core	10.0, 8.0, 9.0

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
canonical	ubuntu linux	cert_advisory	90%
microsoft	asp.net	cert_advisory	90%
microsoft	.net	cert_advisory	90%
oracle	oracle linux	cert_advisory	90%
red hat	red hat enterprise linux	cert_advisory	90%

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26130(vendor-advisory, patch)

Related News (2 articles)

Tier B

BSI Advisories5h ago

[UPDATE] [mittel] Microsoft ASP.NET und .NET: Mehrere Schwachstellen

→ No new info (linked only)

Tier B

CERT-FR8d ago

Multiples vulnérabilités dans Tenable Identity Exposure (15 avril 2026)

→ No new info (linked only)

CVSS 3.17.5 HIGH

VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

CISA KEV❌ No

Actively exploited❌ No

Patch available

10.0.48.0.259.0.14

CWECWE-770

PublishedMar 10, 2026

Last enriched21d ago

Trending Score38

Source articles2

Independent2

Info Completeness5/14

Missing: vendor, product, versions, epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-33825EXPKEV

Microsoft Defender Elevation of Privilege Vulnerability

Trending: 155

MEDIUMCVE-2026-32201EXPKEV

Microsoft SharePoint Server Spoofing Vulnerability

Trending: 133

HIGHCVE-2026-26127EXPKEV

.NET Denial of Service Vulnerability

Trending: 104

CRITICALCVE-2026-40372EXP

ASP.NET Core Elevation of Privilege Vulnerability

Trending: 94

HIGHCVE-2026-32190

Microsoft Office Remote Code Execution Vulnerability

Trending: 55

Pin to Dashboard

Verification

State: verified

Confidence: 100%

Vulnerability Timeline

CVE Published

Mar 10, 2026

Discovered by ZDM

Apr 1, 2026

Patch Available

Apr 14, 2026