Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
3838 articles · 175945 vulns · 37/41 feeds (7d)
← Back to list
7.5
CVE-2026-45646EXPLOITEDPATCHED
Microsoft · AspNet.OData

OData for ASP.NET and ASP.NET Core Denial of Service Vulnerability

Description

Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.

Affected Products

VendorProductVersions
MicrosoftAspNet.OData7.0.0, 9.0.0

Also Affects

Downstream vendors/products affected by this vulnerability

VendorProductSourceConfidence
microsoftaspnetcore.odatamitre_affected90%

References

  • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45646(vendor-advisory, patch)

Related News (2 articles)

Tier C
VulDB4h ago
CVE-2026-45646 | Microsoft ASP.NET Core Resource Manager allocation of resources
→ No new info (linked only)
Tier A
Microsoft MSRC8h ago
CVE-2026-45646 OData for ASP.NET and ASP.NET Core Denial of Service Vulnerability
→ No new info (linked only)
CVSS 3.17.5 HIGH
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
CISA KEV❌ No
Actively exploited✅ Yes
Patch available
7.8.09.5.0[SX1]
CWECWE-770
PublishedJul 14, 2026
Last enriched5h agov2
Trending Score67
Source articles2
Independent2
Info Completeness9/14
Missing: title, epss, kev, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Related CVEs (5)

HIGHCVE-2026-56155EXPKEV
Active Directory Federation Services Elevation of Privilege Vulnerability
Trending: 140
MEDIUMCVE-2026-56164EXPKEV
Microsoft SharePoint Server Elevation of Privilege Vulnerability
Trending: 137
HIGHCVE-2026-41091EXPKEV
Microsoft Defender Elevation of Privilege Vulnerability
Trending: 73
CRITICALCVE-2026-48561EXP
Microsoft Copilot Remote Code Execution Vulnerability
Trending: 69
CRITICALCVE-2026-55040EXP
Weak authentication in Microsoft Office SharePoint allows an unauthorized attacker to bypass a security feature over a network.
Trending: 69

Pin to Dashboard

Verification

State: verified
Confidence: 0%

Vulnerability Timeline

CVE Published
Jul 14, 2026
Discovered by ZDM
Jul 14, 2026
Updated: description, exploitAvailable, activelyExploited
Jul 14, 2026
Actively Exploited
Jul 14, 2026
Exploit Available
Jul 14, 2026
Patch Available
Jul 14, 2026

Version History

v2
Last enriched 5h ago
v2Tier A5h ago

Added a detailed description of the vulnerability and marked it as actively exploited with an exploit available.

descriptionexploitAvailableactivelyExploited
via Microsoft MSRC
v15h ago

Initial creation