Denial of Service Vulnerability in .NET by Microsoft
CVE-2026-47302

7.5HIGH

Key Information:

Vendor

Microsoft

Vendor
CVE Published:
14 July 2026

What is CVE-2026-47302?

This vulnerability in .NET allows unauthorized attackers to exploit resource allocation mechanisms without limits or throttling, potentially leading to denial of service over a network. Such attacks can disrupt the availability of applications and services, posing a significant risk to user accessibility and system reliability. Developers and administrators should take necessary precautions to mitigate this threat and ensure the integrity of their applications.

Affected Version(s)

.NET 10.0 10.0.0 < 10.0.6

.NET 8.0 8.0.0 < 8.0.29

.NET 9.0 9.0.0 < 9.0.18

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.