CVE-2026-26171EXPLOITEDPATCHED

Microsoft · .NET 10.0

.NET Denial of Service Vulnerability

Description

Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a network.

Affected Products

Vendor	Product	Versions
Microsoft	.NET 10.0	10.0.0, 8.0.0, 9.0.0

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
microsoft	.net	mitre_affected	90%

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26171(vendor-advisory, patch)

Related News (3 articles)

Tier D

BleepingComputer5h ago

Microsoft April 2026 Patch Tuesday fixes 167 flaws, 2 zero-days

→ No new info (linked only)

Tier C

VulDB5h ago

CVE-2026-26171 | Microsoft .NET prior 8.0.26/9.0.15/10.0.6 resource consumption

→ No new info (linked only)

Tier A

Microsoft MSRC9h ago

CVE-2026-26171 .NET Denial of Service Vulnerability

→ No new info (linked only)

CVSS 3.17.5 HIGH

VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

10.0.68.0.269.0.15

CWECWE-400, CWE-611

PublishedApr 14, 2026

Last enriched5h agov2

Trending Score71

Source articles3

Independent3

Info Completeness9/14

Missing: title, epss, kev, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

CRITICALCVE-2026-32201EXPKEV

Microsoft SharePoint Server Spoofing Vulnerability

Trending: 151

HIGHCVE-2026-32071EXP

Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability

Trending: 67

HIGHCVE-2026-32093EXP

Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability

Trending: 67

HIGHCVE-2026-32075EXP

Windows UPnP Device Host Elevation of Privilege Vulnerability

Trending: 67

HIGHCVE-2026-26154EXP

Windows Server Update Service (WSUS) Tampering Vulnerability

Trending: 67

Pin to Dashboard

Verification

State: verified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 14, 2026

Discovered by ZDM

Apr 14, 2026

Updated: description, exploitAvailable, activelyExploited

Apr 14, 2026

Actively Exploited

Apr 14, 2026

Exploit Available

Apr 14, 2026

Patch Available

Apr 14, 2026

Version History

Last enriched 5h ago

v2Tier A5h ago

Added a detailed description of the vulnerability and marked it as actively exploited with an exploit available.

descriptionexploitAvailableactivelyExploited

via Microsoft MSRC

v15h ago

Initial creation