{ "document": { "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE" } }, "lang": "nl", "notes": [ { "category": "legal_disclaimer", "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings." }, { "category": "description", "text": "Microsoft heeft kwetsbaarheden verholpen in .NET, .NET Framework, Visual Studio en PowerShell.", "title": "Feiten" }, { "category": "description", "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:\n\n- Denial-of-Service (DoS)\n- Toegang tot gevoelige gegevens\n- Omzeilen van een beveiligingsmaatregel\n- Spoofing\n\n```\n.NET, .NET Framework, Visual Studio: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-33116 | 7,50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nMicrosoft PowerShell: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-26143 | 7,80 | Omzeilen van beveiligingsmaatregel | \n|----------------|------|-------------------------------------|\n\nGitHub Copilot and Visual Studio Code: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-23653 | 5,70 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\n.NET and Visual Studio: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-32203 | 7,50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\n.NET Framework: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-32226 | 5,90 | Denial-of-Service | \n| CVE-2026-23666 | 7,50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\n.NET: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-32178 | 7,50 | Voordoen als andere gebruiker | \n| CVE-2026-26171 | 7,50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\n```", "title": "Interpretaties" }, { "category": "description", "text": "Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op:\n\nhttps://portal.msrc.microsoft.com/en-us/security-guidance", "title": "Oplossingen" }, { "category": "general", "text": "medium", "title": "Kans" }, { "category": "general", "text": "high", "title": "Schade" }, { "category": "general", "text": "Improper Neutralization of Special Elements used in a Command ('Command Injection')", "title": "CWE-77" }, { "category": "general", "text": "Improper Handling of Exceptional Conditions", "title": "CWE-755" }, { "category": "general", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "general", "text": "Improper Restriction of XML External Entity Reference", "title": "CWE-611" }, { "category": "general", "text": "Improper Neutralization of Special Elements", "title": "CWE-138" }, { "category": "general", "text": "Stack-based Buffer Overflow", "title": "CWE-121" }, { "category": "general", "text": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", "title": "CWE-362" }, { "category": "general", "text": "Loop with Unreachable Exit Condition ('Infinite Loop')", "title": "CWE-835" }, { "category": "general", "text": "Improper Input Validation", "title": "CWE-20" } ], "publisher": { "category": "coordinator", "contact_details": "cert@ncsc.nl", "name": "Nationaal Cyber Security Centrum", "namespace": "https://www.ncsc.nl/" }, "title": "Kwetsbaarheden verholpen in Microsoft Developer tools", "tracking": { "current_release_date": "2026-04-14T19:18:58.666745Z", "generator": { "date": "2025-08-04T16:30:00Z", "engine": { "name": "V.A.", "version": "1.3" } }, "id": "NCSC-2026-0114", "initial_release_date": "2026-04-14T19:18:58.666745Z", "revision_history": [ { "date": "2026-04-14T19:18:58.666745Z", "number": "1.0.0", "summary": "Initiele versie" } ], "status": "final", "version": "1.0.0" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-1" } } ], "category": "product_name", "name": ".NET 10.0" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-2" } } ], "category": "product_name", "name": ".NET 10.0 installed on Linux" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-3" } } ], "category": "product_name", "name": ".NET 10.0 installed on Mac OS" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-4" } } ], "category": "product_name", "name": ".NET 10.0 installed on Windows" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-5" } } ], "category": "product_name", "name": ".NET 8.0" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-6" } } ], "category": "product_name", "name": ".NET 8.0 installed on Linux" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-7" } } ], "category": "product_name", "name": ".NET 8.0 installed on Mac OS" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-8" } } ], "category": "product_name", "name": ".NET 8.0 installed on Windows" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-9" } } ], "category": "product_name", "name": ".NET 9.0" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-10" } } ], "category": "product_name", "name": ".NET 9.0 installed on Linux" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-11" } } ], "category": "product_name", "name": ".NET 9.0 installed on Mac OS" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-12" } } ], "category": "product_name", "name": ".NET 9.0 installed on Windows" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-13" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-14" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.7.2" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-15" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for 32-bit Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-16" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for ARM64-based Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-17" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for x64-based Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-18" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-19" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for 32-bit Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-20" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for ARM64-based Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-21" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for x64-based Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-22" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for 32-bit Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-23" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for ARM64-based Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-24" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for x64-based Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-25" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for 32-bit Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-26" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for ARM64-based Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-27" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for x64-based Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-28" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-29" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022 (Server Core installation)" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-30" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows Server, version 20H2 (Server Core Installation)" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-31" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8.1" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-32" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for 32-bit Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-33" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for ARM64-based Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-34" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for x64-based Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-35" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for 32-bit Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-36" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for ARM64-based Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-37" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for x64-based Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-38" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 22H2 for ARM64-based Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-39" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 22H2 for x64-based Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-40" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 23H2 for ARM64-based Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-41" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 23H2 for x64-based Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-42" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 24H2 for ARM64-based Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-43" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 24H2 for x64-based Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-44" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 25H2 for ARM systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-45" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 25H2 for x64-based Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-46" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 26H1 for ARM64-based Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-47" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 26H1 for x64-based Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-48" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 version 26H1 for x64-based Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-49" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-50" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022 (Server Core installation)" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-51" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022, 23H2 Edition (Server Core installation)" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-52" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2025" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-53" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2025 (Server Core installation)" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-54" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 on Windows Server 2012" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-55" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 on Windows Server 2012 (Server Core installation)" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-56" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 on Windows Server 2012 R2" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-57" } } ], "category": "product_name", "name": "Microsoft .NET Framework 3.5 on Windows Server 2012 R2 (Server Core installation)" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-58" } } ], "category": "product_name", "name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-59" } } ], "category": "product_name", "name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-60" } } ], "category": "product_name", "name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 (Server Core installation)" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-61" } } ], "category": "product_name", "name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-62" } } ], "category": "product_name", "name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 (Server Core installation)" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-63" } } ], "category": "product_name", "name": "Microsoft .NET Framework 4.8" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-64" } } ], "category": "product_name", "name": "Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for 32-bit Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-65" } } ], "category": "product_name", "name": "Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for x64-based Systems" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-66" } } ], "category": "product_name", "name": "Microsoft .NET Framework 4.8 on Windows Server 2012" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-67" } } ], "category": "product_name", "name": "Microsoft .NET Framework 4.8 on Windows Server 2012 (Server Core installation)" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-68" } } ], "category": "product_name", "name": "Microsoft .NET Framework 4.8 on Windows Server 2012 R2" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-69" } } ], "category": "product_name", "name": "Microsoft .NET Framework 4.8 on Windows Server 2012 R2 (Server Core installation)" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-70" } } ], "category": "product_name", "name": "Microsoft Visual Studio 2022 version 17.12" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-71" } } ], "category": "product_name", "name": "Microsoft Visual Studio 2022 version 17.14" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-72" } } ], "category": "product_name", "name": "Microsoft Visual Studio Code CoPilot Chat Extension" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-73" } } ], "category": "product_name", "name": "PowerShell 7.4" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-74" } } ], "category": "product_name", "name": "PowerShell 7.5" } ], "category": "vendor", "name": "Microsoft" } ] }, "vulnerabilities": [ { "cve": "CVE-2026-23653", "cwe": { "id": "CWE-77", "name": "Improper Neutralization of Special Elements used in a Command ('Command Injection')" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Special Elements used in a Command ('Command Injection')", "title": "CWE-77" }, { "category": "description", "text": "Improper neutralization of special elements in commands ('command injection') in GitHub Copilot and Visual Studio Code allows authorized attackers to disclose information over a network.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2", "CSAFPID-3", "CSAFPID-4", "CSAFPID-5", "CSAFPID-6", "CSAFPID-7", "CSAFPID-8", "CSAFPID-9", "CSAFPID-10", "CSAFPID-11", "CSAFPID-12", "CSAFPID-13", "CSAFPID-14", "CSAFPID-15", "CSAFPID-16", "CSAFPID-17", "CSAFPID-18", "CSAFPID-19", "CSAFPID-20", "CSAFPID-21", "CSAFPID-22", "CSAFPID-23", "CSAFPID-24", "CSAFPID-25", "CSAFPID-26", "CSAFPID-27", "CSAFPID-28", "CSAFPID-29", "CSAFPID-30", "CSAFPID-31", "CSAFPID-32", "CSAFPID-33", "CSAFPID-34", "CSAFPID-35", "CSAFPID-36", "CSAFPID-37", "CSAFPID-38", "CSAFPID-39", "CSAFPID-40", "CSAFPID-41", "CSAFPID-42", "CSAFPID-43", "CSAFPID-44", "CSAFPID-45", "CSAFPID-46", "CSAFPID-47", "CSAFPID-48", "CSAFPID-49", "CSAFPID-50", "CSAFPID-51", "CSAFPID-52", "CSAFPID-53", "CSAFPID-54", "CSAFPID-55", "CSAFPID-56", "CSAFPID-57", "CSAFPID-58", "CSAFPID-59", "CSAFPID-60", "CSAFPID-61", "CSAFPID-62", "CSAFPID-63", "CSAFPID-64", "CSAFPID-65", "CSAFPID-66", "CSAFPID-67", "CSAFPID-68", "CSAFPID-69", "CSAFPID-70", "CSAFPID-71", "CSAFPID-72", "CSAFPID-73", "CSAFPID-74" ] }, "references": [ { "category": "self", "summary": "CVE-2026-23653 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-23653.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", "baseScore": 5.7, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1", "CSAFPID-2", "CSAFPID-3", "CSAFPID-4", "CSAFPID-5", "CSAFPID-6", "CSAFPID-7", "CSAFPID-8", "CSAFPID-9", "CSAFPID-10", "CSAFPID-11", "CSAFPID-12", "CSAFPID-13", "CSAFPID-14", "CSAFPID-15", "CSAFPID-16", "CSAFPID-17", "CSAFPID-18", "CSAFPID-19", "CSAFPID-20", "CSAFPID-21", "CSAFPID-22", "CSAFPID-23", "CSAFPID-24", "CSAFPID-25", "CSAFPID-26", "CSAFPID-27", "CSAFPID-28", "CSAFPID-29", "CSAFPID-30", "CSAFPID-31", "CSAFPID-32", "CSAFPID-33", "CSAFPID-34", "CSAFPID-35", "CSAFPID-36", "CSAFPID-37", "CSAFPID-38", "CSAFPID-39", "CSAFPID-40", "CSAFPID-41", "CSAFPID-42", "CSAFPID-43", "CSAFPID-44", "CSAFPID-45", "CSAFPID-46", "CSAFPID-47", "CSAFPID-48", "CSAFPID-49", "CSAFPID-50", "CSAFPID-51", "CSAFPID-52", "CSAFPID-53", "CSAFPID-54", "CSAFPID-55", "CSAFPID-56", "CSAFPID-57", "CSAFPID-58", "CSAFPID-59", "CSAFPID-60", "CSAFPID-61", "CSAFPID-62", "CSAFPID-63", "CSAFPID-64", "CSAFPID-65", "CSAFPID-66", "CSAFPID-67", "CSAFPID-68", "CSAFPID-69", "CSAFPID-70", "CSAFPID-71", "CSAFPID-72", "CSAFPID-73", "CSAFPID-74" ] } ], "title": "CVE-2026-23653" }, { "cve": "CVE-2026-23666", "notes": [ { "category": "description", "text": "A race condition in the .NET Framework's concurrent execution of shared resources allows unauthorized attackers to cause a denial of service over a network.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2", "CSAFPID-3", "CSAFPID-4", "CSAFPID-5", "CSAFPID-6", "CSAFPID-7", "CSAFPID-8", "CSAFPID-9", "CSAFPID-10", "CSAFPID-11", "CSAFPID-12", "CSAFPID-13", "CSAFPID-14", "CSAFPID-15", "CSAFPID-16", "CSAFPID-17", "CSAFPID-18", "CSAFPID-19", "CSAFPID-20", "CSAFPID-21", "CSAFPID-22", "CSAFPID-23", "CSAFPID-24", "CSAFPID-25", "CSAFPID-26", "CSAFPID-27", "CSAFPID-28", "CSAFPID-29", "CSAFPID-30", "CSAFPID-31", "CSAFPID-32", "CSAFPID-33", "CSAFPID-34", "CSAFPID-35", "CSAFPID-36", "CSAFPID-37", "CSAFPID-38", "CSAFPID-39", "CSAFPID-40", "CSAFPID-41", "CSAFPID-42", "CSAFPID-43", "CSAFPID-44", "CSAFPID-45", "CSAFPID-46", "CSAFPID-47", "CSAFPID-48", "CSAFPID-49", "CSAFPID-50", "CSAFPID-51", "CSAFPID-52", "CSAFPID-53", "CSAFPID-54", "CSAFPID-55", "CSAFPID-56", "CSAFPID-57", "CSAFPID-58", "CSAFPID-59", "CSAFPID-60", "CSAFPID-61", "CSAFPID-62", "CSAFPID-63", "CSAFPID-64", "CSAFPID-65", "CSAFPID-66", "CSAFPID-67", "CSAFPID-68", "CSAFPID-69", "CSAFPID-70", "CSAFPID-71", "CSAFPID-72", "CSAFPID-73", "CSAFPID-74" ] }, "references": [ { "category": "self", "summary": "CVE-2026-23666 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-23666.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "baseScore": 7.5, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1", "CSAFPID-2", "CSAFPID-3", "CSAFPID-4", "CSAFPID-5", "CSAFPID-6", "CSAFPID-7", "CSAFPID-8", "CSAFPID-9", "CSAFPID-10", "CSAFPID-11", "CSAFPID-12", "CSAFPID-13", "CSAFPID-14", "CSAFPID-15", "CSAFPID-16", "CSAFPID-17", "CSAFPID-18", "CSAFPID-19", "CSAFPID-20", "CSAFPID-21", "CSAFPID-22", "CSAFPID-23", "CSAFPID-24", "CSAFPID-25", "CSAFPID-26", "CSAFPID-27", "CSAFPID-28", "CSAFPID-29", "CSAFPID-30", "CSAFPID-31", "CSAFPID-32", "CSAFPID-33", "CSAFPID-34", "CSAFPID-35", "CSAFPID-36", "CSAFPID-37", "CSAFPID-38", "CSAFPID-39", "CSAFPID-40", "CSAFPID-41", "CSAFPID-42", "CSAFPID-43", "CSAFPID-44", "CSAFPID-45", "CSAFPID-46", "CSAFPID-47", "CSAFPID-48", "CSAFPID-49", "CSAFPID-50", "CSAFPID-51", "CSAFPID-52", "CSAFPID-53", "CSAFPID-54", "CSAFPID-55", "CSAFPID-56", "CSAFPID-57", "CSAFPID-58", "CSAFPID-59", "CSAFPID-60", "CSAFPID-61", "CSAFPID-62", "CSAFPID-63", "CSAFPID-64", "CSAFPID-65", "CSAFPID-66", "CSAFPID-67", "CSAFPID-68", "CSAFPID-69", "CSAFPID-70", "CSAFPID-71", "CSAFPID-72", "CSAFPID-73", "CSAFPID-74" ] } ], "title": "CVE-2026-23666" }, { "cve": "CVE-2026-26143", "notes": [ { "category": "description", "text": "Improper input validation in Microsoft PowerShell enables a local unauthorized attacker to bypass security features, potentially compromising system integrity.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2", "CSAFPID-3", "CSAFPID-4", "CSAFPID-5", "CSAFPID-6", "CSAFPID-7", "CSAFPID-8", "CSAFPID-9", "CSAFPID-10", "CSAFPID-11", "CSAFPID-12", "CSAFPID-13", "CSAFPID-14", "CSAFPID-15", "CSAFPID-16", "CSAFPID-17", "CSAFPID-18", "CSAFPID-19", "CSAFPID-20", "CSAFPID-21", "CSAFPID-22", "CSAFPID-23", "CSAFPID-24", "CSAFPID-25", "CSAFPID-26", "CSAFPID-27", "CSAFPID-28", "CSAFPID-29", "CSAFPID-30", "CSAFPID-31", "CSAFPID-32", "CSAFPID-33", "CSAFPID-34", "CSAFPID-35", "CSAFPID-36", "CSAFPID-37", "CSAFPID-38", "CSAFPID-39", "CSAFPID-40", "CSAFPID-41", "CSAFPID-42", "CSAFPID-43", "CSAFPID-44", "CSAFPID-45", "CSAFPID-46", "CSAFPID-47", "CSAFPID-48", "CSAFPID-49", "CSAFPID-50", "CSAFPID-51", "CSAFPID-52", "CSAFPID-53", "CSAFPID-54", "CSAFPID-55", "CSAFPID-56", "CSAFPID-57", "CSAFPID-58", "CSAFPID-59", "CSAFPID-60", "CSAFPID-61", "CSAFPID-62", "CSAFPID-63", "CSAFPID-64", "CSAFPID-65", "CSAFPID-66", "CSAFPID-67", "CSAFPID-68", "CSAFPID-69", "CSAFPID-70", "CSAFPID-71", "CSAFPID-72", "CSAFPID-73", "CSAFPID-74" ] }, "references": [ { "category": "self", "summary": "CVE-2026-26143 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-26143.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "baseScore": 7.8, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1", "CSAFPID-2", "CSAFPID-3", "CSAFPID-4", "CSAFPID-5", "CSAFPID-6", "CSAFPID-7", "CSAFPID-8", "CSAFPID-9", "CSAFPID-10", "CSAFPID-11", "CSAFPID-12", "CSAFPID-13", "CSAFPID-14", "CSAFPID-15", "CSAFPID-16", "CSAFPID-17", "CSAFPID-18", "CSAFPID-19", "CSAFPID-20", "CSAFPID-21", "CSAFPID-22", "CSAFPID-23", "CSAFPID-24", "CSAFPID-25", "CSAFPID-26", "CSAFPID-27", "CSAFPID-28", "CSAFPID-29", "CSAFPID-30", "CSAFPID-31", "CSAFPID-32", "CSAFPID-33", "CSAFPID-34", "CSAFPID-35", "CSAFPID-36", "CSAFPID-37", "CSAFPID-38", "CSAFPID-39", "CSAFPID-40", "CSAFPID-41", "CSAFPID-42", "CSAFPID-43", "CSAFPID-44", "CSAFPID-45", "CSAFPID-46", "CSAFPID-47", "CSAFPID-48", "CSAFPID-49", "CSAFPID-50", "CSAFPID-51", "CSAFPID-52", "CSAFPID-53", "CSAFPID-54", "CSAFPID-55", "CSAFPID-56", "CSAFPID-57", "CSAFPID-58", "CSAFPID-59", "CSAFPID-60", "CSAFPID-61", "CSAFPID-62", "CSAFPID-63", "CSAFPID-64", "CSAFPID-65", "CSAFPID-66", "CSAFPID-67", "CSAFPID-68", "CSAFPID-69", "CSAFPID-70", "CSAFPID-71", "CSAFPID-72", "CSAFPID-73", "CSAFPID-74" ] } ], "title": "CVE-2026-26143" }, { "cve": "CVE-2026-26171", "cwe": { "id": "CWE-611", "name": "Improper Restriction of XML External Entity Reference" }, "notes": [ { "category": "other", "text": "Improper Restriction of XML External Entity Reference", "title": "CWE-611" }, { "category": "description", "text": "Uncontrolled resource consumption vulnerabilities in the .NET framework allow unauthorized attackers to cause denial of service conditions over a network by exhausting system resources.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2", "CSAFPID-3", "CSAFPID-4", "CSAFPID-5", "CSAFPID-6", "CSAFPID-7", "CSAFPID-8", "CSAFPID-9", "CSAFPID-10", "CSAFPID-11", "CSAFPID-12", "CSAFPID-13", "CSAFPID-14", "CSAFPID-15", "CSAFPID-16", "CSAFPID-17", "CSAFPID-18", "CSAFPID-19", "CSAFPID-20", "CSAFPID-21", "CSAFPID-22", "CSAFPID-23", "CSAFPID-24", "CSAFPID-25", "CSAFPID-26", "CSAFPID-27", "CSAFPID-28", "CSAFPID-29", "CSAFPID-30", "CSAFPID-31", "CSAFPID-32", "CSAFPID-33", "CSAFPID-34", "CSAFPID-35", "CSAFPID-36", "CSAFPID-37", "CSAFPID-38", "CSAFPID-39", "CSAFPID-40", "CSAFPID-41", "CSAFPID-42", "CSAFPID-43", "CSAFPID-44", "CSAFPID-45", "CSAFPID-46", "CSAFPID-47", "CSAFPID-48", "CSAFPID-49", "CSAFPID-50", "CSAFPID-51", "CSAFPID-52", "CSAFPID-53", "CSAFPID-54", "CSAFPID-55", "CSAFPID-56", "CSAFPID-57", "CSAFPID-58", "CSAFPID-59", "CSAFPID-60", "CSAFPID-61", "CSAFPID-62", "CSAFPID-63", "CSAFPID-64", "CSAFPID-65", "CSAFPID-66", "CSAFPID-67", "CSAFPID-68", "CSAFPID-69", "CSAFPID-70", "CSAFPID-71", "CSAFPID-72", "CSAFPID-73", "CSAFPID-74" ] }, "references": [ { "category": "self", "summary": "CVE-2026-26171 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-26171.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "baseScore": 7.5, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1", "CSAFPID-2", "CSAFPID-3", "CSAFPID-4", "CSAFPID-5", "CSAFPID-6", "CSAFPID-7", "CSAFPID-8", "CSAFPID-9", "CSAFPID-10", "CSAFPID-11", "CSAFPID-12", "CSAFPID-13", "CSAFPID-14", "CSAFPID-15", "CSAFPID-16", "CSAFPID-17", "CSAFPID-18", "CSAFPID-19", "CSAFPID-20", "CSAFPID-21", "CSAFPID-22", "CSAFPID-23", "CSAFPID-24", "CSAFPID-25", "CSAFPID-26", "CSAFPID-27", "CSAFPID-28", "CSAFPID-29", "CSAFPID-30", "CSAFPID-31", "CSAFPID-32", "CSAFPID-33", "CSAFPID-34", "CSAFPID-35", "CSAFPID-36", "CSAFPID-37", "CSAFPID-38", "CSAFPID-39", "CSAFPID-40", "CSAFPID-41", "CSAFPID-42", "CSAFPID-43", "CSAFPID-44", "CSAFPID-45", "CSAFPID-46", "CSAFPID-47", "CSAFPID-48", "CSAFPID-49", "CSAFPID-50", "CSAFPID-51", "CSAFPID-52", "CSAFPID-53", "CSAFPID-54", "CSAFPID-55", "CSAFPID-56", "CSAFPID-57", "CSAFPID-58", "CSAFPID-59", "CSAFPID-60", "CSAFPID-61", "CSAFPID-62", "CSAFPID-63", "CSAFPID-64", "CSAFPID-65", "CSAFPID-66", "CSAFPID-67", "CSAFPID-68", "CSAFPID-69", "CSAFPID-70", "CSAFPID-71", "CSAFPID-72", "CSAFPID-73", "CSAFPID-74" ] } ], "title": "CVE-2026-26171" }, { "cve": "CVE-2026-32178", "notes": [ { "category": "description", "text": "Improper neutralization of special elements in the .NET framework allows unauthorized attackers to conduct network spoofing attacks, compromising network integrity and security.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2", "CSAFPID-3", "CSAFPID-4", "CSAFPID-5", "CSAFPID-6", "CSAFPID-7", "CSAFPID-8", "CSAFPID-9", "CSAFPID-10", "CSAFPID-11", "CSAFPID-12", "CSAFPID-13", "CSAFPID-14", "CSAFPID-15", "CSAFPID-16", "CSAFPID-17", "CSAFPID-18", "CSAFPID-19", "CSAFPID-20", "CSAFPID-21", "CSAFPID-22", "CSAFPID-23", "CSAFPID-24", "CSAFPID-25", "CSAFPID-26", "CSAFPID-27", "CSAFPID-28", "CSAFPID-29", "CSAFPID-30", "CSAFPID-31", "CSAFPID-32", "CSAFPID-33", "CSAFPID-34", "CSAFPID-35", "CSAFPID-36", "CSAFPID-37", "CSAFPID-38", "CSAFPID-39", "CSAFPID-40", "CSAFPID-41", "CSAFPID-42", "CSAFPID-43", "CSAFPID-44", "CSAFPID-45", "CSAFPID-46", "CSAFPID-47", "CSAFPID-48", "CSAFPID-49", "CSAFPID-50", "CSAFPID-51", "CSAFPID-52", "CSAFPID-53", "CSAFPID-54", "CSAFPID-55", "CSAFPID-56", "CSAFPID-57", "CSAFPID-58", "CSAFPID-59", "CSAFPID-60", "CSAFPID-61", "CSAFPID-62", "CSAFPID-63", "CSAFPID-64", "CSAFPID-65", "CSAFPID-66", "CSAFPID-67", "CSAFPID-68", "CSAFPID-69", "CSAFPID-70", "CSAFPID-71", "CSAFPID-72", "CSAFPID-73", "CSAFPID-74" ] }, "references": [ { "category": "self", "summary": "CVE-2026-32178 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-32178.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", "baseScore": 7.5, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1", "CSAFPID-2", "CSAFPID-3", "CSAFPID-4", "CSAFPID-5", "CSAFPID-6", "CSAFPID-7", "CSAFPID-8", "CSAFPID-9", "CSAFPID-10", "CSAFPID-11", "CSAFPID-12", "CSAFPID-13", "CSAFPID-14", "CSAFPID-15", "CSAFPID-16", "CSAFPID-17", "CSAFPID-18", "CSAFPID-19", "CSAFPID-20", "CSAFPID-21", "CSAFPID-22", "CSAFPID-23", "CSAFPID-24", "CSAFPID-25", "CSAFPID-26", "CSAFPID-27", "CSAFPID-28", "CSAFPID-29", "CSAFPID-30", "CSAFPID-31", "CSAFPID-32", "CSAFPID-33", "CSAFPID-34", "CSAFPID-35", "CSAFPID-36", "CSAFPID-37", "CSAFPID-38", "CSAFPID-39", "CSAFPID-40", "CSAFPID-41", "CSAFPID-42", "CSAFPID-43", "CSAFPID-44", "CSAFPID-45", "CSAFPID-46", "CSAFPID-47", "CSAFPID-48", "CSAFPID-49", "CSAFPID-50", "CSAFPID-51", "CSAFPID-52", "CSAFPID-53", "CSAFPID-54", "CSAFPID-55", "CSAFPID-56", "CSAFPID-57", "CSAFPID-58", "CSAFPID-59", "CSAFPID-60", "CSAFPID-61", "CSAFPID-62", "CSAFPID-63", "CSAFPID-64", "CSAFPID-65", "CSAFPID-66", "CSAFPID-67", "CSAFPID-68", "CSAFPID-69", "CSAFPID-70", "CSAFPID-71", "CSAFPID-72", "CSAFPID-73", "CSAFPID-74" ] } ], "title": "CVE-2026-32178" }, { "cve": "CVE-2026-32203", "cwe": { "id": "CWE-121", "name": "Stack-based Buffer Overflow" }, "notes": [ { "category": "other", "text": "Stack-based Buffer Overflow", "title": "CWE-121" }, { "category": "description", "text": "A stack-based buffer overflow vulnerability in .NET and Visual Studio allows an unauthorized attacker to cause a denial of service over a network.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2", "CSAFPID-3", "CSAFPID-4", "CSAFPID-5", "CSAFPID-6", "CSAFPID-7", "CSAFPID-8", "CSAFPID-9", "CSAFPID-10", "CSAFPID-11", "CSAFPID-12", "CSAFPID-13", "CSAFPID-14", "CSAFPID-15", "CSAFPID-16", "CSAFPID-17", "CSAFPID-18", "CSAFPID-19", "CSAFPID-20", "CSAFPID-21", "CSAFPID-22", "CSAFPID-23", "CSAFPID-24", "CSAFPID-25", "CSAFPID-26", "CSAFPID-27", "CSAFPID-28", "CSAFPID-29", "CSAFPID-30", "CSAFPID-31", "CSAFPID-32", "CSAFPID-33", "CSAFPID-34", "CSAFPID-35", "CSAFPID-36", "CSAFPID-37", "CSAFPID-38", "CSAFPID-39", "CSAFPID-40", "CSAFPID-41", "CSAFPID-42", "CSAFPID-43", "CSAFPID-44", "CSAFPID-45", "CSAFPID-46", "CSAFPID-47", "CSAFPID-48", "CSAFPID-49", "CSAFPID-50", "CSAFPID-51", "CSAFPID-52", "CSAFPID-53", "CSAFPID-54", "CSAFPID-55", "CSAFPID-56", "CSAFPID-57", "CSAFPID-58", "CSAFPID-59", "CSAFPID-60", "CSAFPID-61", "CSAFPID-62", "CSAFPID-63", "CSAFPID-64", "CSAFPID-65", "CSAFPID-66", "CSAFPID-67", "CSAFPID-68", "CSAFPID-69", "CSAFPID-70", "CSAFPID-71", "CSAFPID-72", "CSAFPID-73", "CSAFPID-74" ] }, "references": [ { "category": "self", "summary": "CVE-2026-32203 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-32203.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "baseScore": 7.5, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1", "CSAFPID-2", "CSAFPID-3", "CSAFPID-4", "CSAFPID-5", "CSAFPID-6", "CSAFPID-7", "CSAFPID-8", "CSAFPID-9", "CSAFPID-10", "CSAFPID-11", "CSAFPID-12", "CSAFPID-13", "CSAFPID-14", "CSAFPID-15", "CSAFPID-16", "CSAFPID-17", "CSAFPID-18", "CSAFPID-19", "CSAFPID-20", "CSAFPID-21", "CSAFPID-22", "CSAFPID-23", "CSAFPID-24", "CSAFPID-25", "CSAFPID-26", "CSAFPID-27", "CSAFPID-28", "CSAFPID-29", "CSAFPID-30", "CSAFPID-31", "CSAFPID-32", "CSAFPID-33", "CSAFPID-34", "CSAFPID-35", "CSAFPID-36", "CSAFPID-37", "CSAFPID-38", "CSAFPID-39", "CSAFPID-40", "CSAFPID-41", "CSAFPID-42", "CSAFPID-43", "CSAFPID-44", "CSAFPID-45", "CSAFPID-46", "CSAFPID-47", "CSAFPID-48", "CSAFPID-49", "CSAFPID-50", "CSAFPID-51", "CSAFPID-52", "CSAFPID-53", "CSAFPID-54", "CSAFPID-55", "CSAFPID-56", "CSAFPID-57", "CSAFPID-58", "CSAFPID-59", "CSAFPID-60", "CSAFPID-61", "CSAFPID-62", "CSAFPID-63", "CSAFPID-64", "CSAFPID-65", "CSAFPID-66", "CSAFPID-67", "CSAFPID-68", "CSAFPID-69", "CSAFPID-70", "CSAFPID-71", "CSAFPID-72", "CSAFPID-73", "CSAFPID-74" ] } ], "title": "CVE-2026-32203" }, { "cve": "CVE-2026-32226", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')" }, "notes": [ { "category": "other", "text": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", "title": "CWE-362" }, { "category": "description", "text": "A race condition in the .NET Framework's concurrent execution of shared resources allows unauthorized attackers to cause a denial of service over a network.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2", "CSAFPID-3", "CSAFPID-4", "CSAFPID-5", "CSAFPID-6", "CSAFPID-7", "CSAFPID-8", "CSAFPID-9", "CSAFPID-10", "CSAFPID-11", "CSAFPID-12", "CSAFPID-13", "CSAFPID-14", "CSAFPID-15", "CSAFPID-16", "CSAFPID-17", "CSAFPID-18", "CSAFPID-19", "CSAFPID-20", "CSAFPID-21", "CSAFPID-22", "CSAFPID-23", "CSAFPID-24", "CSAFPID-25", "CSAFPID-26", "CSAFPID-27", "CSAFPID-28", "CSAFPID-29", "CSAFPID-30", "CSAFPID-31", "CSAFPID-32", "CSAFPID-33", "CSAFPID-34", "CSAFPID-35", "CSAFPID-36", "CSAFPID-37", "CSAFPID-38", "CSAFPID-39", "CSAFPID-40", "CSAFPID-41", "CSAFPID-42", "CSAFPID-43", "CSAFPID-44", "CSAFPID-45", "CSAFPID-46", "CSAFPID-47", "CSAFPID-48", "CSAFPID-49", "CSAFPID-50", "CSAFPID-51", "CSAFPID-52", "CSAFPID-53", "CSAFPID-54", "CSAFPID-55", "CSAFPID-56", "CSAFPID-57", "CSAFPID-58", "CSAFPID-59", "CSAFPID-60", "CSAFPID-61", "CSAFPID-62", "CSAFPID-63", "CSAFPID-64", "CSAFPID-65", "CSAFPID-66", "CSAFPID-67", "CSAFPID-68", "CSAFPID-69", "CSAFPID-70", "CSAFPID-71", "CSAFPID-72", "CSAFPID-73", "CSAFPID-74" ] }, "references": [ { "category": "self", "summary": "CVE-2026-32226 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-32226.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "baseScore": 5.9, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1", "CSAFPID-2", "CSAFPID-3", "CSAFPID-4", "CSAFPID-5", "CSAFPID-6", "CSAFPID-7", "CSAFPID-8", "CSAFPID-9", "CSAFPID-10", "CSAFPID-11", "CSAFPID-12", "CSAFPID-13", "CSAFPID-14", "CSAFPID-15", "CSAFPID-16", "CSAFPID-17", "CSAFPID-18", "CSAFPID-19", "CSAFPID-20", "CSAFPID-21", "CSAFPID-22", "CSAFPID-23", "CSAFPID-24", "CSAFPID-25", "CSAFPID-26", "CSAFPID-27", "CSAFPID-28", "CSAFPID-29", "CSAFPID-30", "CSAFPID-31", "CSAFPID-32", "CSAFPID-33", "CSAFPID-34", "CSAFPID-35", "CSAFPID-36", "CSAFPID-37", "CSAFPID-38", "CSAFPID-39", "CSAFPID-40", "CSAFPID-41", "CSAFPID-42", "CSAFPID-43", "CSAFPID-44", "CSAFPID-45", "CSAFPID-46", "CSAFPID-47", "CSAFPID-48", "CSAFPID-49", "CSAFPID-50", "CSAFPID-51", "CSAFPID-52", "CSAFPID-53", "CSAFPID-54", "CSAFPID-55", "CSAFPID-56", "CSAFPID-57", "CSAFPID-58", "CSAFPID-59", "CSAFPID-60", "CSAFPID-61", "CSAFPID-62", "CSAFPID-63", "CSAFPID-64", "CSAFPID-65", "CSAFPID-66", "CSAFPID-67", "CSAFPID-68", "CSAFPID-69", "CSAFPID-70", "CSAFPID-71", "CSAFPID-72", "CSAFPID-73", "CSAFPID-74" ] } ], "title": "CVE-2026-32226" }, { "cve": "CVE-2026-33116", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition ('Infinite Loop')" }, "notes": [ { "category": "other", "text": "Loop with Unreachable Exit Condition ('Infinite Loop')", "title": "CWE-835" }, { "category": "description", "text": "An infinite loop vulnerability in .NET, .NET Framework, and Visual Studio can be exploited by unauthorized attackers to cause a denial of service over a network.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2", "CSAFPID-3", "CSAFPID-4", "CSAFPID-5", "CSAFPID-6", "CSAFPID-7", "CSAFPID-8", "CSAFPID-9", "CSAFPID-10", "CSAFPID-11", "CSAFPID-12", "CSAFPID-13", "CSAFPID-14", "CSAFPID-15", "CSAFPID-16", "CSAFPID-17", "CSAFPID-18", "CSAFPID-19", "CSAFPID-20", "CSAFPID-21", "CSAFPID-22", "CSAFPID-23", "CSAFPID-24", "CSAFPID-25", "CSAFPID-26", "CSAFPID-27", "CSAFPID-28", "CSAFPID-29", "CSAFPID-30", "CSAFPID-31", "CSAFPID-32", "CSAFPID-33", "CSAFPID-34", "CSAFPID-35", "CSAFPID-36", "CSAFPID-37", "CSAFPID-38", "CSAFPID-39", "CSAFPID-40", "CSAFPID-41", "CSAFPID-42", "CSAFPID-43", "CSAFPID-44", "CSAFPID-45", "CSAFPID-46", "CSAFPID-47", "CSAFPID-48", "CSAFPID-49", "CSAFPID-50", "CSAFPID-51", "CSAFPID-52", "CSAFPID-53", "CSAFPID-54", "CSAFPID-55", "CSAFPID-56", "CSAFPID-57", "CSAFPID-58", "CSAFPID-59", "CSAFPID-60", "CSAFPID-61", "CSAFPID-62", "CSAFPID-63", "CSAFPID-64", "CSAFPID-65", "CSAFPID-66", "CSAFPID-67", "CSAFPID-68", "CSAFPID-69", "CSAFPID-70", "CSAFPID-71", "CSAFPID-72", "CSAFPID-73", "CSAFPID-74" ] }, "references": [ { "category": "self", "summary": "CVE-2026-33116 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-33116.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "baseScore": 7.5, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1", "CSAFPID-2", "CSAFPID-3", "CSAFPID-4", "CSAFPID-5", "CSAFPID-6", "CSAFPID-7", "CSAFPID-8", "CSAFPID-9", "CSAFPID-10", "CSAFPID-11", "CSAFPID-12", "CSAFPID-13", "CSAFPID-14", "CSAFPID-15", "CSAFPID-16", "CSAFPID-17", "CSAFPID-18", "CSAFPID-19", "CSAFPID-20", "CSAFPID-21", "CSAFPID-22", "CSAFPID-23", "CSAFPID-24", "CSAFPID-25", "CSAFPID-26", "CSAFPID-27", "CSAFPID-28", "CSAFPID-29", "CSAFPID-30", "CSAFPID-31", "CSAFPID-32", "CSAFPID-33", "CSAFPID-34", "CSAFPID-35", "CSAFPID-36", "CSAFPID-37", "CSAFPID-38", "CSAFPID-39", "CSAFPID-40", "CSAFPID-41", "CSAFPID-42", "CSAFPID-43", "CSAFPID-44", "CSAFPID-45", "CSAFPID-46", "CSAFPID-47", "CSAFPID-48", "CSAFPID-49", "CSAFPID-50", "CSAFPID-51", "CSAFPID-52", "CSAFPID-53", "CSAFPID-54", "CSAFPID-55", "CSAFPID-56", "CSAFPID-57", "CSAFPID-58", "CSAFPID-59", "CSAFPID-60", "CSAFPID-61", "CSAFPID-62", "CSAFPID-63", "CSAFPID-64", "CSAFPID-65", "CSAFPID-66", "CSAFPID-67", "CSAFPID-68", "CSAFPID-69", "CSAFPID-70", "CSAFPID-71", "CSAFPID-72", "CSAFPID-73", "CSAFPID-74" ] } ], "title": "CVE-2026-33116" } ] }