Security News

Cybersecurity news aggregator

🔄
HIGH Updates Red Hat Errata

RHSA-2026:10082: Important: .NET 8.0 security update

cve-2026-1234red-hatdotnetcve-2026-26130
This Important security update addresses CVE-2026-26130 (CVSS 7.5 HIGH), a denial-of-service vulnerability in ASP.NET Core caused by uncontrolled resource allocation. The vulnerability affects ASP.NET Core versions 8.0.0 through 8.0.24, 9.0.0 through 9.0.13, and 10.0.0 through 10.0.3. Red Hat has released fixed packages for .NET 8.0 on RHEL 9.4 EUS, corresponding to upstream versions .NET Runtime 8.0.25, .NET SDK 8.0.125, ASP.NET Core 8.0.25, 9.0.14, and 10.0.4.
Read Full Article →

Red Hat Product Errata RHSA-2026:10082 - Security Advisory Issued: 2026-04-23 Updated: 2026-04-23 RHSA-2026:10082 - Security Advisory Overview Updated Packages Synopsis Important: .NET 8.0 security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for .NET 8.0 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.125 and .NET Runtime 8.0.25.Security Fix(es): asp.net: ASP.NET Core: Denial of Service via uncontrolled resource allocation (CVE-2026-26130) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64 Red Hat Enterprise Linux Server - AUS 9.4 x86_64 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64 Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.4 x86_64 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.4 ppc64le Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.4 s390x Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.4 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.4 s390x Fixes BZ - 2446134 - CVE-2026-26130 asp.net: ASP.NET Core: Denial of Service via uncontrolled resource allocation CVEs CVE-2026-26130 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 SRPM dotnet8.0-8.0.125-1.el9_4.src.rpm SHA-256: 43ae1dddbd06c2ca5ab091eb59b13f18c89aa4c3f23abc50e98428810393b831 x86_64 aspnetcore-runtime-8.0-8.0.25-1.el9_4.x86_64.rpm SHA-256: b7ffd3a460cf973f8ed44dd44bff4f149ae1f9d0ec91ee00e4f66af2e9d61feb aspnetcore-runtime-dbg-8.0-8.0.25-1.el9_4.x86_64.rpm SHA-256: 1aff4e94597f2c7ff5440ad2b05fe7b92bba571a3d08c1ab79d88e03543b54ab aspnetcore-targeting-pack-8.0-8.0.25-1.el9_4.x86_64.rpm SHA-256: 39f5c52df8847918032029e5c05a5f6d9319e80a6a5a9d322203943d29108152 dotnet-apphost-pack-8.0-8.0.25-1.el9_4.x86_64.rpm SHA-256: 541e455eef84af6f45d150c4b4dcefa540a833944d5388acf2b7eabf335079ac dotnet-apphost-pack-8.0-debuginfo-8.0.25-1.el9_4.x86_64.rpm SHA-256: 7414dc85174ddc77f5a63c12421a8623d7f5ae42c6601a0d06a27100d8302e83 dotnet-host-8.0.25-1.el9_4.x86_64.rpm SHA-256: 53798c0f20d8613231c375784cdd46ecd0110407ab1d01a09cc31ec53106ccf4 dotnet-host-debuginfo-8.0.25-1.el9_4.x86_64.rpm SHA-256: 4615fc1d00a35fe2a61f248ae7c496203949b4cd8f75d7d54d6294175fc7abe2 dotnet-hostfxr-8.0-8.0.25-1.el9_4.x86_64.rpm SHA-256: 0f3df7904ab82fb5c389d6f537cd9f711ee921f2a8f167c0d25bc1cb11c2b350 dotnet-hostfxr-8.0-debuginfo-8.0.25-1.el9_4.x86_64.rpm SHA-256: 077068aa65aee9b30964ad0b095cad285f19d76e213c06ac55e7e24e33442cab dotnet-runtime-8.0-8.0.25-1.el9_4.x86_64.rpm SHA-256: f73e7d4f3cb2f8f944ec1f7689f4ae26442d11b6a7e446b9f621a2fee92c0ab2 dotnet-runtime-8.0-debuginfo-8.0.25-1.el9_4.x86_64.rpm SHA-256: ead71af032592e7afc9e4a96ca44ee9260f8fd65bc84f778af22ddaadeedc23a dotnet-runtime-dbg-8.0-8.0.25-1.el9_4.x86_64.rpm SHA-256: 95a794089c7ff0efe3dd53d0191744416cf22494880aa2c6293048cd86f87bb8 dotnet-sdk-8.0-8.0.125-1.el9_4.x86_64.rpm SHA-256: 22386b20587ff14ca84b6038c251743d9d7dca434e6f60bf1649b1f82f12c2b4 dotnet-sdk-8.0-debuginfo-8.0.125-1.el9_4.x86_64.rpm SHA-256: 69732777233e680f24255f416edac6c24c0a953d590ab127f122e076ddb08d91 dotnet-sdk-dbg-8.0-8.0.125-1.el9_4.x86_64.rpm SHA-256: 5c7c909234ff1aac128cbf046d2746418888043995d57fc1acd07f9d87e81334 dotnet-targeting-pack-8.0-8.0.25-1.el9_4.x86_64.rpm SHA-256: 0147812ad0eaf784040936ff01f73c766abdbe07d00b0d23f7750df6aae91c0e dotnet-templates-8.0-8.0.125-1.el9_4.x86_64.rpm SHA-256: 77c3bceae263aba91875df9f597fd51c230e0fac704c421b993d29ad4a9d1be7 dotnet8.0-debuginfo-8.0.125-1.el9_4.x86_64.rpm SHA-256: 23d4cf5ca794a6805ee018cb799dc02bf74a7bd40ded1ced51bf4191792b6826 dotnet8.0-debugsource-8.0.125-1.el9_4.x86_64.rpm SHA-256: 181ce9a7f73a682884f024d0419141fac52c404ffa909212e9e0ac18cd8a0c80 netstandard-targeting-pack-2.1-8.0.125-1.el9_4.x86_64.rpm SHA-256: 29754ba4bca174be3c55d2d1a77263df8614e88b8deefa3aa12131b3e58c710c Red Hat Enterprise Linux Server - AUS 9.4 SRPM dotnet8.0-8.0.125-1.el9_4.src.rpm SHA-256: 43ae1dddbd06c2ca5ab091eb59b13f18c89aa4c3f23abc50e98428810393b831 x86_64 aspnetcore-runtime-8.0-8.0.25-1.el9_4.x86_64.rpm SHA-256: b7ffd3a460cf973f8ed44dd44bff4f149ae1f9d0ec91ee00e4f66af2e9d61feb aspnetcore-runtime-dbg-8.0-8.0.25-1.el9_4.x86_64.rpm SHA-256: 1aff4e94597f2c7ff5440ad2b05fe7b92bba571a3d08c1ab79d88e03543b54ab aspnetcore-targeting-pack-8.0-8.0.25-1.el9_4.x86_64.rpm SHA-256: 39f5c52df8847918032029e5c05a5f6d9319e80a6a5a9d322203943d29108152 dotnet-apphost-pack-8.0-8.0.25-1.el9_4.x86_64.rpm SHA-256: 541e455eef84af6f45d150c4b4dcefa540a833944d5388acf2b7eabf335079ac dotnet-apphost-pack-8.0-debuginfo-8.0.25-1.el9_4.x86_64.rpm SHA-256: 7414dc85174ddc77f5a63c12421a8623d7f5ae42c6601a0d06a27100d8302e83 dotnet-host-8.0.25-1.el9_4.x86_64.rpm SHA-256: 53798c0f20d8613231c375784cdd46ecd0110407ab1d01a09cc31ec53106ccf4 dotnet-host-debuginfo-8.0.25-1.el9_4.x86_64.rpm SHA-256: 4615fc1d00a35fe2a61f248ae7c496203949b4cd8f75d7d54d6294175fc7abe2 dotnet-hostfxr-8.0-8.0.25-1.el9_4.x86_64.rpm SHA-256: 0f3df7904ab82fb5c389d6f537cd9f711ee921f2a8f167c0d25bc1cb11c2b350 dotnet-hostfxr-8.0-debuginfo-8.0.25-1.el9_4.x86_64.rpm SHA-256: 077068aa65aee9b30964ad0b095cad285f19d76e213c06ac55e7e24e33442cab dotnet-runtime-8.0-8.0.25-1.el9_4.x86_64.rpm SHA-256: f73e7d4f3cb2f8f944ec1f7689f4ae26442d11b6a7e446b9f621a2fee92c0ab2 dotnet-runtime-8.0-debuginfo-8.0.25-1.el9_4.x86_64.rpm SHA-256: ead71af032592e7afc9e4a96ca44ee9260f8fd65bc84f778af22ddaadeedc23a dotnet-runtime-dbg-8.0-8.0.25-1.el9_4.x86_64.rpm SHA-256: 95a794089c7ff0efe3dd53d0191744416cf22494880aa2c6293048cd86f87bb8 dotnet-sdk-8.0-8.0.125-1.el9_4.x86_64.rpm SHA-256: 22386b20587ff14ca84b6038c251743d9d7dca434e6f60bf1649b1f82f12c2b4 dotnet-sdk-8.0-debuginfo-8.0.125-1.el9_4.x86_64.rpm SHA-256: 69732777233e680f24255f416edac6c24c0a953d590ab127f122e076ddb08d91 dotnet-sdk-dbg-8.0-8.0.125-1.el9_4.x86_64.rpm SHA-256: 5c7c909234ff1aac128cbf046d2746418888043995d57fc1acd07f9d87e81334 dotnet-targeting-pack-8.0-8.0.25-1.el9_4.x86_64.rpm SHA-256: 0147812ad0eaf784040936ff01f73c766abdbe07d00b0d23f7750df6aae91c0e dotnet-templates-8.0-8.0.125-1.el9_4.x86_64.rpm SHA-256: 77c3bceae263aba91875df9f597fd51c230e0fac704c421b993d29ad4a9d1be7 dotnet8.0-debuginfo-8.0.125-1.el9_4.x86_64.rpm SHA-256: 23d4cf5ca794a6805ee018cb799dc02bf74a7bd40ded1ced51bf4191792b6826 dotnet8.0-debugsource-8.0.125-1.el9_4.x86_64.rpm SHA-256: 181ce9a7f73a682884f024d0419141fac52c404ffa909212e9e0ac18cd8a0c80 netstandard-targeting-pack-2.1-8.0.125-1.el9_4.x86_64.rpm SHA-256: 29754ba4bca174be3c55d2d1a77263df8614e88b8deefa3aa12131b3e58c710c Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 SRPM dotnet8.0-8.0.125-1.el9_4.src.rpm SHA-256: 43ae1dddbd06c2ca5ab091eb59b13f18c89aa4c3f23abc50e98428810393b831 s390x aspnetcore-runtime-8.0-8.0.25-1.el9_4.s390x.rpm SHA-256: 3463eb0e8d785cb191ed8aba4013285996f804ed8ff2eaacbf6ab25f3e900b42 aspnetcore-runtime-dbg-8.0-8.0.25-1.el9_4.s390x.rpm SHA-256: 27163371e4b156eb3ce5571f86370a9fb3edacd4b638964ec22df6fe9a8d3c5e aspnetcore-targeting-pack-8.0-8.0.25-1.el9_4.s390x.rpm SHA-256: b2d2f9a2bbc787df3ea7cca1ac92e4e2a9c9197e4af6a8682da5ccf80c44e2f5 dotnet-apphost-pack-8.0-8.0.25-1.el9_4.s390x.rpm SHA-256: 44f4992a01d6098875ac4df917baaeab62015a7b314652cbb6d604c94031379c dotnet-apphost-pack-8.0-debuginfo-8.0.25-1.el9_4.s390x.rpm SHA-256: 495c15e120ed3ec849201a799468b3c0014e7932c4cf459f57be328f0ceddfea dotnet-host-8.0.25-1.el9_4.s390x.rpm SHA-256: f55d6889778c953a628f426d3364eafb3e4cc9d15f6d83e6f61dbd36231d7eff dotnet-host-debuginfo-8.0.25-1.el9_4.s390x.rpm SHA-256: 50dbd00a29c1f584a103b793c78bb096fd9bf6790ff48143ddb02ca6549ddf41 dotnet-hostfxr-8.0-8.0.25-1.el9_4.s390x.rpm SHA-256: 3bdd068a32374e29bcee9e86aec37260191bef0587f844a3e37c8511af049faf dotnet-hostfxr-8.0-debuginfo-8.0.25-1.el9_4.s390x.rpm SHA-256: 241cc0f296d3ed098cd28e7ab0a97b2a5e0b0c064c6d4aec088d586553028c4c dotnet-runtime-8.0-8.0.25-1.el9_4.s390x.rpm SHA-256: cb3f9d921b2f784c621f6da7a93e9d64d38eb35755a6d22b03015b064df129c3 dotnet-runtime-8.0-debuginfo-8.0.25-1.el9_4.s390x.rpm SHA-256: ecd55fb3bf38ff4dcbb77b3f54bffafa2f22a7c2c1243ad407623b42041c

Related Articles

HIGH RHSA-2026:10083: Important: .NET 9.0 security update Red Hat Errata HIGH RHSA-2026:10084: Important: .NET 8.0 security update Red Hat Errata HIGH NCSC-2026-0085 [1.00] [M/H] Kwetsbaarheden verholpen in Microsoft Developer tools NCSC Netherlands MEDIUM USN-8085-1: .NET vulnerabilities Ubuntu Security
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn