Security News

Cybersecurity news aggregator

🔓
MEDIUM Vulnerabilities Ubuntu Security

USN-8085-1: .NET vulnerabilities

cve-2026-26127cve-2026-26130dotnetmitre-ta0001mitre-t1190
  • What: .NET vulnerabilities in Bcl.Memory and SignalR components
  • Impact: Denial of service possible on .NET 9.0 and 10.0
Read Full Article →

It was discovered that the .NET Microsoft.Bcl.Memory NuGet package did not properly handle certain malformed Base64Url encoded input. An attacker could possibly use this issue to cause .NET to crash, resulting in a denial of service. This issue only affected .NET 9.0 and .NET 10.0. (CVE-2026-26127) Bartłomiej Dach discovered that .NET's SignalR server component did not properly manage resource consumption when processing certain messages. An attacker could possibly use this issue to exhaust internal buffers, resulting in a denial of service. (CVE-2026-26130)

Related Articles

HIGH NCSC-2026-0085 [1.00] [M/H] Kwetsbaarheden verholpen in Microsoft Developer tools NCSC Netherlands HIGH RHSA-2026:10083: Important: .NET 9.0 security update Red Hat Errata HIGH Multiples vulnérabilités dans Microsoft .Net (11 mars 2026) CERT-FR (ANSSI) HIGH RHSA-2026:10082: Important: .NET 8.0 security update Red Hat Errata
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn