{
    "document": {
        "category": "csaf_security_advisory",
        "csaf_version": "2.0",
        "distribution": {
            "tlp": {
                "label": "WHITE"
            }
        },
        "lang": "nl",
        "notes": [
            {
                "category": "legal_disclaimer",
                "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
            },
            {
                "category": "description",
                "text": "Microsoft heeft kwetsbaarheden verholpen in Developer Tools als .NET en Visual Studio.",
                "title": "Feiten"
            },
            {
                "category": "description",
                "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot schade uit de categorieën zoals genoemd in bijgevoegde tabel.\n\nVoor succesvol misbruik moet de kwaadwillende het slachtoffer misleiden een malafide bronbestand te openen en verwerken in de ontwikkelomgeving.\n\n```\nVisual Studio: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-47305 | 7.80 | Uitvoeren van willekeurige code     | \n|----------------|------|-------------------------------------|\n\nGitHub Copilot and Visual Studio Code: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-47282 | 6.50 | Toegang tot gevoelige gegevens      | \n|----------------|------|-------------------------------------|\n\nVisual Studio Code: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-45496 | 5.50 | Omzeilen van beveiligingsmaatregel  | \n| CVE-2026-50520 | 8.40 | Uitvoeren van willekeurige code     | \n| CVE-2026-57101 | 7.10 | Omzeilen van beveiligingsmaatregel  | \n| CVE-2026-57102 | 8.80 | Omzeilen van beveiligingsmaatregel  | \n|----------------|------|-------------------------------------|\n\n.NET Framework: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-50524 | 7.50 | Denial-of-Service                   | \n| CVE-2026-50527 | 7.50 | Denial-of-Service                   | \n| CVE-2026-50646 | 7.80 | Uitvoeren van willekeurige code     | \n| CVE-2026-50648 | 7.50 | Denial-of-Service                   | \n| CVE-2026-50650 | 7.80 | Uitvoeren van willekeurige code     | \n|----------------|------|-------------------------------------|\n\nASP.NET Core: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-47300 | 8.80 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-47303 | 8.80 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-50506 | 7.50 | Denial-of-Service                   | \n| CVE-2026-56170 | 7.50 | Denial-of-Service                   | \n| CVE-2026-45646 | 7.50 | Denial-of-Service                   | \n|----------------|------|-------------------------------------|\n\n.NET: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-47302 | 7.50 | Denial-of-Service                   | \n| CVE-2026-47304 | 8.10 | Omzeilen van beveiligingsmaatregel  | \n| CVE-2026-50525 | 7.50 | Denial-of-Service                   | \n| CVE-2026-50526 | 7.00 | Manipulatie van gegevens            | \n| CVE-2026-50528 | 8.20 | Omzeilen van beveiligingsmaatregel  | \n| CVE-2026-50649 | 7.80 | Uitvoeren van willekeurige code     | \n| CVE-2026-50651 | 7.50 | Denial-of-Service                   | \n| CVE-2026-50659 | 6.50 | Voordoen als andere gebruiker       | \n|----------------|------|-------------------------------------|\n\n.NET Core: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-57108 | 7.50 | Denial-of-Service                   | \n|----------------|------|-------------------------------------|\n\nGitHub Copilot and Visual Studio: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-41109 | 8.80 | Omzeilen van beveiligingsmaatregel  | \n|----------------|------|-------------------------------------|\n\n```\n",
                "title": "Interpretaties"
            },
            {
                "category": "description",
                "text": "Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op:\n\nhttps://portal.msrc.microsoft.com/en-us/security-guidance",
                "title": "Oplossingen"
            },
            {
                "category": "general",
                "text": "medium",
                "title": "Kans"
            },
            {
                "category": "general",
                "text": "high",
                "title": "Schade"
            },
            {
                "category": "general",
                "text": "Exposure of Sensitive Information to an Unauthorized Actor",
                "title": "CWE-200"
            }
        ],
        "publisher": {
            "category": "coordinator",
            "contact_details": "cert@ncsc.nl",
            "name": "Nationaal Cyber Security Centrum",
            "namespace": "https://www.ncsc.nl/"
        },
        "title": "Kwetsbaarheden verholpen in Microsoft Developer Tools",
        "tracking": {
            "current_release_date": "2026-07-14T18:37:02.554035Z",
            "generator": {
                "date": "2025-08-04T16:30:00Z",
                "engine": {
                    "name": "V.A.",
                    "version": "1.3"
                }
            },
            "id": "NCSC-2026-0235",
            "initial_release_date": "2026-07-14T18:37:02.554035Z",
            "revision_history": [
                {
                    "date": "2026-07-14T18:37:02.554035Z",
                    "number": "1.0.0",
                    "summary": "Initiele versie"
                }
            ],
            "status": "final",
            "version": "1.0.0"
        }
    },
    "product_tree": {
        "branches": [
            {
                "branches": [
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/*",
                                "product": {
                                    "name": "vers:unknown/*",
                                    "product_id": "CSAFPID-1"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": ".NET"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/*",
                                "product": {
                                    "name": "vers:unknown/*",
                                    "product_id": "CSAFPID-2"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": ".NET 10.0 installed on Linux"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/*",
                                "product": {
                                    "name": "vers:unknown/*",
                                    "product_id": "CSAFPID-3"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": ".NET 10.0 installed on Mac OS"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/*",
                                "product": {
                                    "name": "vers:unknown/*",
                                    "product_id": "CSAFPID-4"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": ".NET 10.0 installed on Windows"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/*",
                                "product": {
                                    "name": "vers:unknown/*",
                                    "product_id": "CSAFPID-5"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": ".NET 8.0 installed on Linux"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/*",
                                "product": {
                                    "name": "vers:unknown/*",
                                    "product_id": "CSAFPID-6"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": ".NET 8.0 installed on Mac OS"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/*",
                                "product": {
                                    "name": "vers:unknown/*",
                                    "product_id": "CSAFPID-7"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": ".NET 8.0 installed on Windows"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/*",
                                "product": {
                                    "name": "vers:unknown/*",
                                    "product_id": "CSAFPID-8"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": ".NET 9.0 installed on Linux"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/*",
                                "product": {
                                    "name": "vers:unknown/*",
                                    "product_id": "CSAFPID-9"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": ".NET 9.0 installed on Mac OS"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/*",
                                "product": {
                                    "name": "vers:unknown/*",
                                    "product_id": "CSAFPID-10"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": ".NET 9.0 installed on Windows"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/*",
                                "product": {
                                    "name": "vers:unknown/*",
                                    "product_id": "CSAFPID-11"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": ".NET Framework"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/*",
                                "product": {
                                    "name": "vers:unknown/*",
                                    "product_id": "CSAFPID-12"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Azure"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/*",
                                "product": {
                                    "name": "vers:unknown/*",
                                    "product_id": "CSAFPID-13"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Microsoft Visual Studio 2022 version 17.14"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/*",
                                "product": {
                                    "name": "vers:unknown/*",
                                    "product_id": "CSAFPID-14"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Microsoft Visual Studio Code"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/*",
                                "product": {
                                    "name": "vers:unknown/*",
                                    "product_id": "CSAFPID-15"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Microsoft Visual Studio Code CoPilot Chat Extension"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/*",
                                "product": {
                                    "name": "vers:unknown/*",
                                    "product_id": "CSAFPID-16"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Microsoft.AspNet.OData"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/*",
                                "product": {
                                    "name": "vers:unknown/*",
                                    "product_id": "CSAFPID-17"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Microsoft.AspNetCore.OData"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/*",
                                "product": {
                                    "name": "vers:unknown/*",
                                    "product_id": "CSAFPID-18"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Visual Studio 2017"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/*",
                                "product": {
                                    "name": "vers:unknown/*",
                                    "product_id": "CSAFPID-19"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Visual Studio 2019"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/*",
                                "product": {
                                    "name": "vers:unknown/*",
                                    "product_id": "CSAFPID-20"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Visual Studio 2022"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/*",
                                "product": {
                                    "name": "vers:unknown/*",
                                    "product_id": "CSAFPID-21"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Visual Studio 2026"
                    },
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/*",
                                "product": {
                                    "name": "vers:unknown/*",
                                    "product_id": "CSAFPID-22"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "Visual Studio Code"
                    }
                ],
                "category": "vendor",
                "name": "Microsoft"
            }
        ]
    },
    "vulnerabilities": [
        {
            "cve": "CVE-2026-47300",
            "cwe": {
                "id": "CWE-303",
                "name": "Incorrect Implementation of Authentication Algorithm"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Incorrect Implementation of Authentication Algorithm",
                    "title": "CWE-303"
                },
                {
                    "category": "description",
                    "text": "An incorrect implementation of the authentication algorithm in ASP.NET Core allows an authorized attacker to remotely elevate privileges, posing a significant security risk.",
                    "title": "Summary"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1",
                    "CSAFPID-2",
                    "CSAFPID-3",
                    "CSAFPID-4",
                    "CSAFPID-5",
                    "CSAFPID-6",
                    "CSAFPID-7",
                    "CSAFPID-8",
                    "CSAFPID-9",
                    "CSAFPID-10",
                    "CSAFPID-11",
                    "CSAFPID-12",
                    "CSAFPID-13",
                    "CSAFPID-14",
                    "CSAFPID-15",
                    "CSAFPID-16",
                    "CSAFPID-17",
                    "CSAFPID-18",
                    "CSAFPID-19",
                    "CSAFPID-20",
                    "CSAFPID-21",
                    "CSAFPID-22"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2026-47300 | NCSC-NL Website",
                    "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-47300.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                        "baseScore": 8.8,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-1",
                        "CSAFPID-2",
                        "CSAFPID-3",
                        "CSAFPID-4",
                        "CSAFPID-5",
                        "CSAFPID-6",
                        "CSAFPID-7",
                        "CSAFPID-8",
                        "CSAFPID-9",
                        "CSAFPID-10",
                        "CSAFPID-11",
                        "CSAFPID-12",
                        "CSAFPID-13",
                        "CSAFPID-14",
                        "CSAFPID-15",
                        "CSAFPID-16",
                        "CSAFPID-17",
                        "CSAFPID-18",
                        "CSAFPID-19",
                        "CSAFPID-20",
                        "CSAFPID-21",
                        "CSAFPID-22"
                    ]
                }
            ],
            "title": "CVE-2026-47300"
        },
        {
            "cve": "CVE-2026-47302",
            "cwe": {
                "id": "CWE-770",
                "name": "Allocation of Resources Without Limits or Throttling"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Allocation of Resources Without Limits or Throttling",
                    "title": "CWE-770"
                },
                {
                    "category": "description",
                    "text": "Unrestricted resource allocation in .NET can allow unauthorized attackers to exploit the system, resulting in a denial of service over a network.",
                    "title": "Summary"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1",
                    "CSAFPID-2",
                    "CSAFPID-3",
                    "CSAFPID-4",
                    "CSAFPID-5",
                    "CSAFPID-6",
                    "CSAFPID-7",
                    "CSAFPID-8",
                    "CSAFPID-9",
                    "CSAFPID-10",
                    "CSAFPID-11",
                    "CSAFPID-12",
                    "CSAFPID-13",
                    "CSAFPID-14",
                    "CSAFPID-15",
                    "CSAFPID-16",
                    "CSAFPID-17",
                    "CSAFPID-18",
                    "CSAFPID-19",
                    "CSAFPID-20",
                    "CSAFPID-21",
                    "CSAFPID-22"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2026-47302 | NCSC-NL Website",
                    "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-47302.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
                        "baseScore": 7.5,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-1",
                        "CSAFPID-2",
                        "CSAFPID-3",
                        "CSAFPID-4",
                        "CSAFPID-5",
                        "CSAFPID-6",
                        "CSAFPID-7",
                        "CSAFPID-8",
                        "CSAFPID-9",
                        "CSAFPID-10",
                        "CSAFPID-11",
                        "CSAFPID-12",
                        "CSAFPID-13",
                        "CSAFPID-14",
                        "CSAFPID-15",
                        "CSAFPID-16",
                        "CSAFPID-17",
                        "CSAFPID-18",
                        "CSAFPID-19",
                        "CSAFPID-20",
                        "CSAFPID-21",
                        "CSAFPID-22"
                    ]
                }
            ],
            "title": "CVE-2026-47302"
        },
        {
            "cve": "CVE-2026-47303",
            "cwe": {
                "id": "CWE-302",
                "name": "Authentication Bypass by Assumed-Immutable Data"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Authentication Bypass by Assumed-Immutable Data",
                    "title": "CWE-302"
                },
                {
                    "category": "other",
                    "text": "Incorrect Authorization",
                    "title": "CWE-863"
                },
                {
                    "category": "other",
                    "text": "Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')",
                    "title": "CWE-90"
                },
                {
                    "category": "description",
                    "text": "An authentication bypass vulnerability in ASP.NET Core involving assumed-immutable data allows an authorized attacker to remotely elevate privileges.",
                    "title": "Summary"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1",
                    "CSAFPID-2",
                    "CSAFPID-3",
                    "CSAFPID-4",
                    "CSAFPID-5",
                    "CSAFPID-6",
                    "CSAFPID-7",
                    "CSAFPID-8",
                    "CSAFPID-9",
                    "CSAFPID-10",
                    "CSAFPID-11",
                    "CSAFPID-12",
                    "CSAFPID-13",
                    "CSAFPID-14",
                    "CSAFPID-15",
                    "CSAFPID-16",
                    "CSAFPID-17",
                    "CSAFPID-18",
                    "CSAFPID-19",
                    "CSAFPID-20",
                    "CSAFPID-21",
                    "CSAFPID-22"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2026-47303 | NCSC-NL Website",
                    "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-47303.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                        "baseScore": 8.8,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-1",
                        "CSAFPID-2",
                        "CSAFPID-3",
                        "CSAFPID-4",
                        "CSAFPID-5",
                        "CSAFPID-6",
                        "CSAFPID-7",
                        "CSAFPID-8",
                        "CSAFPID-9",
                        "CSAFPID-10",
                        "CSAFPID-11",
                        "CSAFPID-12",
                        "CSAFPID-13",
                        "CSAFPID-14",
                        "CSAFPID-15",
                        "CSAFPID-16",
                        "CSAFPID-17",
                        "CSAFPID-18",
                        "CSAFPID-19",
                        "CSAFPID-20",
                        "CSAFPID-21",
                        "CSAFPID-22"
                    ]
                }
            ],
            "title": "CVE-2026-47303"
        },
        {
            "cve": "CVE-2026-50524",
            "cwe": {
                "id": "CWE-1287",
                "name": "Improper Validation of Specified Type of Input"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Improper Validation of Specified Type of Input",
                    "title": "CWE-1287"
                },
                {
                    "category": "description",
                    "text": "An input validation flaw in the .NET Framework allows unauthorized attackers to trigger a denial of service condition remotely over a network.",
                    "title": "Summary"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1",
                    "CSAFPID-2",
                    "CSAFPID-3",
                    "CSAFPID-4",
                    "CSAFPID-5",
                    "CSAFPID-6",
                    "CSAFPID-7",
                    "CSAFPID-8",
                    "CSAFPID-9",
                    "CSAFPID-10",
                    "CSAFPID-11",
                    "CSAFPID-12",
                    "CSAFPID-13",
                    "CSAFPID-14",
                    "CSAFPID-15",
                    "CSAFPID-16",
                    "CSAFPID-17",
                    "CSAFPID-18",
                    "CSAFPID-19",
                    "CSAFPID-20",
                    "CSAFPID-21",
                    "CSAFPID-22"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2026-50524 | NCSC-NL Website",
                    "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-50524.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
                        "baseScore": 7.5,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-1",
                        "CSAFPID-2",
                        "CSAFPID-3",
                        "CSAFPID-4",
                        "CSAFPID-5",
                        "CSAFPID-6",
                        "CSAFPID-7",
                        "CSAFPID-8",
                        "CSAFPID-9",
                        "CSAFPID-10",
                        "CSAFPID-11",
                        "CSAFPID-12",
                        "CSAFPID-13",
                        "CSAFPID-14",
                        "CSAFPID-15",
                        "CSAFPID-16",
                        "CSAFPID-17",
                        "CSAFPID-18",
                        "CSAFPID-19",
                        "CSAFPID-20",
                        "CSAFPID-21",
                        "CSAFPID-22"
                    ]
                }
            ],
            "title": "CVE-2026-50524"
        },
        {
            "cve": "CVE-2026-56170",
            "cwe": {
                "id": "CWE-770",
                "name": "Allocation of Resources Without Limits or Throttling"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Allocation of Resources Without Limits or Throttling",
                    "title": "CWE-770"
                },
                {
                    "category": "description",
                    "text": "An allocation of resources without limits or throttling in ASP.NET Core enables unauthorized attackers to perform denial of service attacks over a network.",
                    "title": "Summary"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1",
                    "CSAFPID-2",
                    "CSAFPID-3",
                    "CSAFPID-4",
                    "CSAFPID-5",
                    "CSAFPID-6",
                    "CSAFPID-7",
                    "CSAFPID-8",
                    "CSAFPID-9",
                    "CSAFPID-10",
                    "CSAFPID-11",
                    "CSAFPID-12",
                    "CSAFPID-13",
                    "CSAFPID-14",
                    "CSAFPID-15",
                    "CSAFPID-16",
                    "CSAFPID-17",
                    "CSAFPID-18",
                    "CSAFPID-19",
                    "CSAFPID-20",
                    "CSAFPID-21",
                    "CSAFPID-22"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2026-56170 | NCSC-NL Website",
                    "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-56170.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                        "baseScore": 7.5,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-1",
                        "CSAFPID-2",
                        "CSAFPID-3",
                        "CSAFPID-4",
                        "CSAFPID-5",
                        "CSAFPID-6",
                        "CSAFPID-7",
                        "CSAFPID-8",
                        "CSAFPID-9",
                        "CSAFPID-10",
                        "CSAFPID-11",
                        "CSAFPID-12",
                        "CSAFPID-13",
                        "CSAFPID-14",
                        "CSAFPID-15",
                        "CSAFPID-16",
                        "CSAFPID-17",
                        "CSAFPID-18",
                        "CSAFPID-19",
                        "CSAFPID-20",
                        "CSAFPID-21",
                        "CSAFPID-22"
                    ]
                }
            ],
            "title": "CVE-2026-56170"
        },
        {
            "cve": "CVE-2026-47304",
            "cwe": {
                "id": "CWE-347",
                "name": "Improper Verification of Cryptographic Signature"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Improper Verification of Cryptographic Signature",
                    "title": "CWE-347"
                },
                {
                    "category": "description",
                    "text": "Improper verification of cryptographic signatures in the .NET framework allows unauthorized attackers to bypass security mechanisms over a network, potentially compromising application integrity and security.",
                    "title": "Summary"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1",
                    "CSAFPID-2",
                    "CSAFPID-3",
                    "CSAFPID-4",
                    "CSAFPID-5",
                    "CSAFPID-6",
                    "CSAFPID-7",
                    "CSAFPID-8",
                    "CSAFPID-9",
                    "CSAFPID-10",
                    "CSAFPID-11",
                    "CSAFPID-12",
                    "CSAFPID-13",
                    "CSAFPID-14",
                    "CSAFPID-15",
                    "CSAFPID-16",
                    "CSAFPID-17",
                    "CSAFPID-18",
                    "CSAFPID-19",
                    "CSAFPID-20",
                    "CSAFPID-21",
                    "CSAFPID-22"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2026-47304 | NCSC-NL Website",
                    "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-47304.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                        "baseScore": 8.1,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-1",
                        "CSAFPID-2",
                        "CSAFPID-3",
                        "CSAFPID-4",
                        "CSAFPID-5",
                        "CSAFPID-6",
                        "CSAFPID-7",
                        "CSAFPID-8",
                        "CSAFPID-9",
                        "CSAFPID-10",
                        "CSAFPID-11",
                        "CSAFPID-12",
                        "CSAFPID-13",
                        "CSAFPID-14",
                        "CSAFPID-15",
                        "CSAFPID-16",
                        "CSAFPID-17",
                        "CSAFPID-18",
                        "CSAFPID-19",
                        "CSAFPID-20",
                        "CSAFPID-21",
                        "CSAFPID-22"
                    ]
                }
            ],
            "title": "CVE-2026-47304"
        },
        {
            "cve": "CVE-2026-50525",
            "cwe": {
                "id": "CWE-770",
                "name": "Allocation of Resources Without Limits or Throttling"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Allocation of Resources Without Limits or Throttling",
                    "title": "CWE-770"
                },
                {
                    "category": "description",
                    "text": "Unrestricted resource allocation in .NET can allow unauthorized attackers to exploit the system, resulting in a denial of service over a network.",
                    "title": "Summary"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1",
                    "CSAFPID-2",
                    "CSAFPID-3",
                    "CSAFPID-4",
                    "CSAFPID-5",
                    "CSAFPID-6",
                    "CSAFPID-7",
                    "CSAFPID-8",
                    "CSAFPID-9",
                    "CSAFPID-10",
                    "CSAFPID-11",
                    "CSAFPID-12",
                    "CSAFPID-13",
                    "CSAFPID-14",
                    "CSAFPID-15",
                    "CSAFPID-16",
                    "CSAFPID-17",
                    "CSAFPID-18",
                    "CSAFPID-19",
                    "CSAFPID-20",
                    "CSAFPID-21",
                    "CSAFPID-22"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2026-50525 | NCSC-NL Website",
                    "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-50525.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
                        "baseScore": 7.5,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-1",
                        "CSAFPID-2",
                        "CSAFPID-3",
                        "CSAFPID-4",
                        "CSAFPID-5",
                        "CSAFPID-6",
                        "CSAFPID-7",
                        "CSAFPID-8",
                        "CSAFPID-9",
                        "CSAFPID-10",
                        "CSAFPID-11",
                        "CSAFPID-12",
                        "CSAFPID-13",
                        "CSAFPID-14",
                        "CSAFPID-15",
                        "CSAFPID-16",
                        "CSAFPID-17",
                        "CSAFPID-18",
                        "CSAFPID-19",
                        "CSAFPID-20",
                        "CSAFPID-21",
                        "CSAFPID-22"
                    ]
                }
            ],
            "title": "CVE-2026-50525"
        },
        {
            "cve": "CVE-2026-50526",
            "cwe": {
                "id": "CWE-59",
                "name": "Improper Link Resolution Before File Access ('Link Following')"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Improper Link Resolution Before File Access ('Link Following')",
                    "title": "CWE-59"
                },
                {
                    "category": "description",
                    "text": "An improper link resolution vulnerability in the .NET framework permits an authorized local attacker to tamper with files, potentially compromising system integrity.",
                    "title": "Summary"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1",
                    "CSAFPID-2",
                    "CSAFPID-3",
                    "CSAFPID-4",
                    "CSAFPID-5",
                    "CSAFPID-6",
                    "CSAFPID-7",
                    "CSAFPID-8",
                    "CSAFPID-9",
                    "CSAFPID-10",
                    "CSAFPID-11",
                    "CSAFPID-12",
                    "CSAFPID-13",
                    "CSAFPID-14",
                    "CSAFPID-15",
                    "CSAFPID-16",
                    "CSAFPID-17",
                    "CSAFPID-18",
                    "CSAFPID-19",
                    "CSAFPID-20",
                    "CSAFPID-21",
                    "CSAFPID-22"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2026-50526 | NCSC-NL Website",
                    "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-50526.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                        "baseScore": 7.0,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-1",
                        "CSAFPID-2",
                        "CSAFPID-3",
                        "CSAFPID-4",
                        "CSAFPID-5",
                        "CSAFPID-6",
                        "CSAFPID-7",
                        "CSAFPID-8",
                        "CSAFPID-9",
                        "CSAFPID-10",
                        "CSAFPID-11",
                        "CSAFPID-12",
                        "CSAFPID-13",
                        "CSAFPID-14",
                        "CSAFPID-15",
                        "CSAFPID-16",
                        "CSAFPID-17",
                        "CSAFPID-18",
                        "CSAFPID-19",
                        "CSAFPID-20",
                        "CSAFPID-21",
                        "CSAFPID-22"
                    ]
                }
            ],
            "title": "CVE-2026-50526"
        },
        {
            "cve": "CVE-2026-50527",
            "cwe": {
                "id": "CWE-121",
                "name": "Stack-based Buffer Overflow"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Stack-based Buffer Overflow",
                    "title": "CWE-121"
                },
                {
                    "category": "description",
                    "text": "A stack-based buffer overflow vulnerability in the .NET Framework allows unauthorized attackers to cause a denial of service over a network, impacting system stability and availability.",
                    "title": "Summary"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1",
                    "CSAFPID-2",
                    "CSAFPID-3",
                    "CSAFPID-4",
                    "CSAFPID-5",
                    "CSAFPID-6",
                    "CSAFPID-7",
                    "CSAFPID-8",
                    "CSAFPID-9",
                    "CSAFPID-10",
                    "CSAFPID-11",
                    "CSAFPID-12",
                    "CSAFPID-13",
                    "CSAFPID-14",
                    "CSAFPID-15",
                    "CSAFPID-16",
                    "CSAFPID-17",
                    "CSAFPID-18",
                    "CSAFPID-19",
                    "CSAFPID-20",
                    "CSAFPID-21",
                    "CSAFPID-22"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2026-50527 | NCSC-NL Website",
                    "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-50527.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
                        "baseScore": 7.5,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-1",
                        "CSAFPID-2",
                        "CSAFPID-3",
                        "CSAFPID-4",
                        "CSAFPID-5",
                        "CSAFPID-6",
                        "CSAFPID-7",
                        "CSAFPID-8",
                        "CSAFPID-9",
                        "CSAFPID-10",
                        "CSAFPID-11",
                        "CSAFPID-12",
                        "CSAFPID-13",
                        "CSAFPID-14",
                        "CSAFPID-15",
                        "CSAFPID-16",
                        "CSAFPID-17",
                        "CSAFPID-18",
                        "CSAFPID-19",
                        "CSAFPID-20",
                        "CSAFPID-21",
                        "CSAFPID-22"
                    ]
                }
            ],
            "title": "CVE-2026-50527"
        },
        {
            "cve": "CVE-2026-50528",
            "cwe": {
                "id": "CWE-302",
                "name": "Authentication Bypass by Assumed-Immutable Data"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Authentication Bypass by Assumed-Immutable Data",
                    "title": "CWE-302"
                },
                {
                    "category": "other",
                    "text": "Not Failing Securely ('Failing Open')",
                    "title": "CWE-636"
                },
                {
                    "category": "other",
                    "text": "Incorrect Authorization",
                    "title": "CWE-863"
                },
                {
                    "category": "description",
                    "text": "An incorrect authorization vulnerability in the .NET framework allows remote attackers to bypass security controls, potentially leading to unauthorized access.",
                    "title": "Summary"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1",
                    "CSAFPID-2",
                    "CSAFPID-3",
                    "CSAFPID-4",
                    "CSAFPID-5",
                    "CSAFPID-6",
                    "CSAFPID-7",
                    "CSAFPID-8",
                    "CSAFPID-9",
                    "CSAFPID-10",
                    "CSAFPID-11",
                    "CSAFPID-12",
                    "CSAFPID-13",
                    "CSAFPID-14",
                    "CSAFPID-15",
                    "CSAFPID-16",
                    "CSAFPID-17",
                    "CSAFPID-18",
                    "CSAFPID-19",
                    "CSAFPID-20",
                    "CSAFPID-21",
                    "CSAFPID-22"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2026-50528 | NCSC-NL Website",
                    "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-50528.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N/E:U/RL:O/RC:C",
                        "baseScore": 8.2,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-1",
                        "CSAFPID-2",
                        "CSAFPID-3",
                        "CSAFPID-4",
                        "CSAFPID-5",
                        "CSAFPID-6",
                        "CSAFPID-7",
                        "CSAFPID-8",
                        "CSAFPID-9",
                        "CSAFPID-10",
                        "CSAFPID-11",
                        "CSAFPID-12",
                        "CSAFPID-13",
                        "CSAFPID-14",
                        "CSAFPID-15",
                        "CSAFPID-16",
                        "CSAFPID-17",
                        "CSAFPID-18",
                        "CSAFPID-19",
                        "CSAFPID-20",
                        "CSAFPID-21",
                        "CSAFPID-22"
                    ]
                }
            ],
            "title": "CVE-2026-50528"
        },
        {
            "cve": "CVE-2026-50648",
            "cwe": {
                "id": "CWE-770",
                "name": "Allocation of Resources Without Limits or Throttling"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Allocation of Resources Without Limits or Throttling",
                    "title": "CWE-770"
                },
                {
                    "category": "description",
                    "text": "An unthrottled resource allocation vulnerability in the .NET Framework allows an unauthorized attacker to cause a denial of service over a network by exhausting system resources.",
                    "title": "Summary"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1",
                    "CSAFPID-2",
                    "CSAFPID-3",
                    "CSAFPID-4",
                    "CSAFPID-5",
                    "CSAFPID-6",
                    "CSAFPID-7",
                    "CSAFPID-8",
                    "CSAFPID-9",
                    "CSAFPID-10",
                    "CSAFPID-11",
                    "CSAFPID-12",
                    "CSAFPID-13",
                    "CSAFPID-14",
                    "CSAFPID-15",
                    "CSAFPID-16",
                    "CSAFPID-17",
                    "CSAFPID-18",
                    "CSAFPID-19",
                    "CSAFPID-20",
                    "CSAFPID-21",
                    "CSAFPID-22"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2026-50648 | NCSC-NL Website",
                    "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-50648.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
                        "baseScore": 7.5,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-1",
                        "CSAFPID-2",
                        "CSAFPID-3",
                        "CSAFPID-4",
                        "CSAFPID-5",
                        "CSAFPID-6",
                        "CSAFPID-7",
                        "CSAFPID-8",
                        "CSAFPID-9",
                        "CSAFPID-10",
                        "CSAFPID-11",
                        "CSAFPID-12",
                        "CSAFPID-13",
                        "CSAFPID-14",
                        "CSAFPID-15",
                        "CSAFPID-16",
                        "CSAFPID-17",
                        "CSAFPID-18",
                        "CSAFPID-19",
                        "CSAFPID-20",
                        "CSAFPID-21",
                        "CSAFPID-22"
                    ]
                }
            ],
            "title": "CVE-2026-50648"
        },
        {
            "cve": "CVE-2026-50651",
            "cwe": {
                "id": "CWE-770",
                "name": "Allocation of Resources Without Limits or Throttling"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Allocation of Resources Without Limits or Throttling",
                    "title": "CWE-770"
                },
                {
                    "category": "description",
                    "text": "Unrestricted resource allocation in .NET can allow unauthorized attackers to exploit the system, resulting in a denial of service over a network.",
                    "title": "Summary"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1",
                    "CSAFPID-2",
                    "CSAFPID-3",
                    "CSAFPID-4",
                    "CSAFPID-5",
                    "CSAFPID-6",
                    "CSAFPID-7",
                    "CSAFPID-8",
                    "CSAFPID-9",
                    "CSAFPID-10",
                    "CSAFPID-11",
                    "CSAFPID-12",
                    "CSAFPID-13",
                    "CSAFPID-14",
                    "CSAFPID-15",
                    "CSAFPID-16",
                    "CSAFPID-17",
                    "CSAFPID-18",
                    "CSAFPID-19",
                    "CSAFPID-20",
                    "CSAFPID-21",
                    "CSAFPID-22"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2026-50651 | NCSC-NL Website",
                    "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-50651.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
                        "baseScore": 7.5,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-1",
                        "CSAFPID-2",
                        "CSAFPID-3",
                        "CSAFPID-4",
                        "CSAFPID-5",
                        "CSAFPID-6",
                        "CSAFPID-7",
                        "CSAFPID-8",
                        "CSAFPID-9",
                        "CSAFPID-10",
                        "CSAFPID-11",
                        "CSAFPID-12",
                        "CSAFPID-13",
                        "CSAFPID-14",
                        "CSAFPID-15",
                        "CSAFPID-16",
                        "CSAFPID-17",
                        "CSAFPID-18",
                        "CSAFPID-19",
                        "CSAFPID-20",
                        "CSAFPID-21",
                        "CSAFPID-22"
                    ]
                }
            ],
            "title": "CVE-2026-50651"
        },
        {
            "cve": "CVE-2026-50659",
            "cwe": {
                "id": "CWE-116",
                "name": "Improper Encoding or Escaping of Output"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Improper Encoding or Escaping of Output",
                    "title": "CWE-116"
                },
                {
                    "category": "description",
                    "text": "Improper encoding or escaping of output in .NET can allow an authorized attacker to perform network spoofing by manipulating network communications.",
                    "title": "Summary"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1",
                    "CSAFPID-2",
                    "CSAFPID-3",
                    "CSAFPID-4",
                    "CSAFPID-5",
                    "CSAFPID-6",
                    "CSAFPID-7",
                    "CSAFPID-8",
                    "CSAFPID-9",
                    "CSAFPID-10",
                    "CSAFPID-11",
                    "CSAFPID-12",
                    "CSAFPID-13",
                    "CSAFPID-14",
                    "CSAFPID-15",
                    "CSAFPID-16",
                    "CSAFPID-17",
                    "CSAFPID-18",
                    "CSAFPID-19",
                    "CSAFPID-20",
                    "CSAFPID-21",
                    "CSAFPID-22"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2026-50659 | NCSC-NL Website",
                    "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-50659.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C",
                        "baseScore": 6.5,
                        "baseSeverity": "MEDIUM"
                    },
                    "products": [
                        "CSAFPID-1",
                        "CSAFPID-2",
                        "CSAFPID-3",
                        "CSAFPID-4",
                        "CSAFPID-5",
                        "CSAFPID-6",
                        "CSAFPID-7",
                        "CSAFPID-8",
                        "CSAFPID-9",
                        "CSAFPID-10",
                        "CSAFPID-11",
                        "CSAFPID-12",
                        "CSAFPID-13",
                        "CSAFPID-14",
                        "CSAFPID-15",
                        "CSAFPID-16",
                        "CSAFPID-17",
                        "CSAFPID-18",
                        "CSAFPID-19",
                        "CSAFPID-20",
                        "CSAFPID-21",
                        "CSAFPID-22"
                    ]
                }
            ],
            "title": "CVE-2026-50659"
        },
        {
            "cve": "CVE-2026-57108",
            "cwe": {
                "id": "CWE-843",
                "name": "Access of Resource Using Incompatible Type ('Type Confusion')"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Access of Resource Using Incompatible Type ('Type Confusion')",
                    "title": "CWE-843"
                },
                {
                    "category": "description",
                    "text": "A type confusion vulnerability in .NET Core allows unauthorized attackers to cause a denial of service by accessing resources using incompatible types over a network.",
                    "title": "Summary"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1",
                    "CSAFPID-2",
                    "CSAFPID-3",
                    "CSAFPID-4",
                    "CSAFPID-5",
                    "CSAFPID-6",
                    "CSAFPID-7",
                    "CSAFPID-8",
                    "CSAFPID-9",
                    "CSAFPID-10",
                    "CSAFPID-11",
                    "CSAFPID-12",
                    "CSAFPID-13",
                    "CSAFPID-14",
                    "CSAFPID-15",
                    "CSAFPID-16",
                    "CSAFPID-17",
                    "CSAFPID-18",
                    "CSAFPID-19",
                    "CSAFPID-20",
                    "CSAFPID-21",
                    "CSAFPID-22"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2026-57108 | NCSC-NL Website",
                    "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-57108.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
                        "baseScore": 7.5,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-1",
                        "CSAFPID-2",
                        "CSAFPID-3",
                        "CSAFPID-4",
                        "CSAFPID-5",
                        "CSAFPID-6",
                        "CSAFPID-7",
                        "CSAFPID-8",
                        "CSAFPID-9",
                        "CSAFPID-10",
                        "CSAFPID-11",
                        "CSAFPID-12",
                        "CSAFPID-13",
                        "CSAFPID-14",
                        "CSAFPID-15",
                        "CSAFPID-16",
                        "CSAFPID-17",
                        "CSAFPID-18",
                        "CSAFPID-19",
                        "CSAFPID-20",
                        "CSAFPID-21",
                        "CSAFPID-22"
                    ]
                }
            ],
            "title": "CVE-2026-57108"
        },
        {
            "cve": "CVE-2026-50646",
            "cwe": {
                "id": "CWE-502",
                "name": "Deserialization of Untrusted Data"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Deserialization of Untrusted Data",
                    "title": "CWE-502"
                },
                {
                    "category": "description",
                    "text": "A protection mechanism failure in the .NET Framework allows an attacker to execute unauthorized local code, posing a significant security risk.",
                    "title": "Summary"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1",
                    "CSAFPID-2",
                    "CSAFPID-3",
                    "CSAFPID-4",
                    "CSAFPID-5",
                    "CSAFPID-6",
                    "CSAFPID-7",
                    "CSAFPID-8",
                    "CSAFPID-9",
                    "CSAFPID-10",
                    "CSAFPID-11",
                    "CSAFPID-12",
                    "CSAFPID-13",
                    "CSAFPID-14",
                    "CSAFPID-15",
                    "CSAFPID-16",
                    "CSAFPID-17",
                    "CSAFPID-18",
                    "CSAFPID-19",
                    "CSAFPID-20",
                    "CSAFPID-21",
                    "CSAFPID-22"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2026-50646 | NCSC-NL Website",
                    "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-50646.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                        "baseScore": 7.8,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-1",
                        "CSAFPID-2",
                        "CSAFPID-3",
                        "CSAFPID-4",
                        "CSAFPID-5",
                        "CSAFPID-6",
                        "CSAFPID-7",
                        "CSAFPID-8",
                        "CSAFPID-9",
                        "CSAFPID-10",
                        "CSAFPID-11",
                        "CSAFPID-12",
                        "CSAFPID-13",
                        "CSAFPID-14",
                        "CSAFPID-15",
                        "CSAFPID-16",
                        "CSAFPID-17",
                        "CSAFPID-18",
                        "CSAFPID-19",
                        "CSAFPID-20",
                        "CSAFPID-21",
                        "CSAFPID-22"
                    ]
                }
            ],
            "title": "CVE-2026-50646"
        },
        {
            "cve": "CVE-2026-50649",
            "cwe": {
                "id": "CWE-502",
                "name": "Deserialization of Untrusted Data"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Deserialization of Untrusted Data",
                    "title": "CWE-502"
                },
                {
                    "category": "description",
                    "text": "Deserialization of untrusted data in .NET environments can allow unauthorized attackers to execute arbitrary code locally, posing significant security risks.",
                    "title": "Summary"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1",
                    "CSAFPID-2",
                    "CSAFPID-3",
                    "CSAFPID-4",
                    "CSAFPID-5",
                    "CSAFPID-6",
                    "CSAFPID-7",
                    "CSAFPID-8",
                    "CSAFPID-9",
                    "CSAFPID-10",
                    "CSAFPID-11",
                    "CSAFPID-12",
                    "CSAFPID-13",
                    "CSAFPID-14",
                    "CSAFPID-15",
                    "CSAFPID-16",
                    "CSAFPID-17",
                    "CSAFPID-18",
                    "CSAFPID-19",
                    "CSAFPID-20",
                    "CSAFPID-21",
                    "CSAFPID-22"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2026-50649 | NCSC-NL Website",
                    "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-50649.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                        "baseScore": 7.8,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-1",
                        "CSAFPID-2",
                        "CSAFPID-3",
                        "CSAFPID-4",
                        "CSAFPID-5",
                        "CSAFPID-6",
                        "CSAFPID-7",
                        "CSAFPID-8",
                        "CSAFPID-9",
                        "CSAFPID-10",
                        "CSAFPID-11",
                        "CSAFPID-12",
                        "CSAFPID-13",
                        "CSAFPID-14",
                        "CSAFPID-15",
                        "CSAFPID-16",
                        "CSAFPID-17",
                        "CSAFPID-18",
                        "CSAFPID-19",
                        "CSAFPID-20",
                        "CSAFPID-21",
                        "CSAFPID-22"
                    ]
                }
            ],
            "title": "CVE-2026-50649"
        },
        {
            "cve": "CVE-2026-50650",
            "cwe": {
                "id": "CWE-94",
                "name": "Improper Control of Generation of Code ('Code Injection')"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Improper Control of Generation of Code ('Code Injection')",
                    "title": "CWE-94"
                },
                {
                    "category": "description",
                    "text": "A vulnerability in the .NET Framework's code generation control allows unauthorized local privilege escalation by improper handling of code execution permissions.",
                    "title": "Summary"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1",
                    "CSAFPID-2",
                    "CSAFPID-3",
                    "CSAFPID-4",
                    "CSAFPID-5",
                    "CSAFPID-6",
                    "CSAFPID-7",
                    "CSAFPID-8",
                    "CSAFPID-9",
                    "CSAFPID-10",
                    "CSAFPID-11",
                    "CSAFPID-12",
                    "CSAFPID-13",
                    "CSAFPID-14",
                    "CSAFPID-15",
                    "CSAFPID-16",
                    "CSAFPID-17",
                    "CSAFPID-18",
                    "CSAFPID-19",
                    "CSAFPID-20",
                    "CSAFPID-21",
                    "CSAFPID-22"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2026-50650 | NCSC-NL Website",
                    "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-50650.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                        "baseScore": 7.8,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-1",
                        "CSAFPID-2",
                        "CSAFPID-3",
                        "CSAFPID-4",
                        "CSAFPID-5",
                        "CSAFPID-6",
                        "CSAFPID-7",
                        "CSAFPID-8",
                        "CSAFPID-9",
                        "CSAFPID-10",
                        "CSAFPID-11",
                        "CSAFPID-12",
                        "CSAFPID-13",
                        "CSAFPID-14",
                        "CSAFPID-15",
                        "CSAFPID-16",
                        "CSAFPID-17",
                        "CSAFPID-18",
                        "CSAFPID-19",
                        "CSAFPID-20",
                        "CSAFPID-21",
                        "CSAFPID-22"
                    ]
                }
            ],
            "title": "CVE-2026-50650"
        },
        {
            "cve": "CVE-2026-50506",
            "cwe": {
                "id": "CWE-770",
                "name": "Allocation of Resources Without Limits or Throttling"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Allocation of Resources Without Limits or Throttling",
                    "title": "CWE-770"
                },
                {
                    "category": "description",
                    "text": "An allocation of resources without limits or throttling in ASP.NET Core enables unauthorized attackers to perform denial of service attacks over a network.",
                    "title": "Summary"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1",
                    "CSAFPID-2",
                    "CSAFPID-3",
                    "CSAFPID-4",
                    "CSAFPID-5",
                    "CSAFPID-6",
                    "CSAFPID-7",
                    "CSAFPID-8",
                    "CSAFPID-9",
                    "CSAFPID-10",
                    "CSAFPID-11",
                    "CSAFPID-12",
                    "CSAFPID-13",
                    "CSAFPID-14",
                    "CSAFPID-15",
                    "CSAFPID-16",
                    "CSAFPID-17",
                    "CSAFPID-18",
                    "CSAFPID-19",
                    "CSAFPID-20",
                    "CSAFPID-21",
                    "CSAFPID-22"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2026-50506 | NCSC-NL Website",
                    "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-50506.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
                        "baseScore": 7.5,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-1",
                        "CSAFPID-2",
                        "CSAFPID-3",
                        "CSAFPID-4",
                        "CSAFPID-5",
                        "CSAFPID-6",
                        "CSAFPID-7",
                        "CSAFPID-8",
                        "CSAFPID-9",
                        "CSAFPID-10",
                        "CSAFPID-11",
                        "CSAFPID-12",
                        "CSAFPID-13",
                        "CSAFPID-14",
                        "CSAFPID-15",
                        "CSAFPID-16",
                        "CSAFPID-17",
                        "CSAFPID-18",
                        "CSAFPID-19",
                        "CSAFPID-20",
                        "CSAFPID-21",
                        "CSAFPID-22"
                    ]
                }
            ],
            "title": "CVE-2026-50506"
        },
        {
            "cve": "CVE-2026-45646",
            "cwe": {
                "id": "CWE-770",
                "name": "Allocation of Resources Without Limits or Throttling"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Allocation of Resources Without Limits or Throttling",
                    "title": "CWE-770"
                },
                {
                    "category": "description",
                    "text": "An allocation of resources without limits or throttling in ASP.NET Core enables unauthorized attackers to perform denial of service attacks over a network.",
                    "title": "Summary"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1",
                    "CSAFPID-2",
                    "CSAFPID-3",
                    "CSAFPID-4",
                    "CSAFPID-5",
                    "CSAFPID-6",
                    "CSAFPID-7",
                    "CSAFPID-8",
                    "CSAFPID-9",
                    "CSAFPID-10",
                    "CSAFPID-11",
                    "CSAFPID-12",
                    "CSAFPID-13",
                    "CSAFPID-14",
                    "CSAFPID-15",
                    "CSAFPID-16",
                    "CSAFPID-17",
                    "CSAFPID-18",
                    "CSAFPID-19",
                    "CSAFPID-20",
                    "CSAFPID-21",
                    "CSAFPID-22"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2026-45646 | NCSC-NL Website",
                    "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-45646.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                        "baseScore": 7.5,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-1",
                        "CSAFPID-2",
                        "CSAFPID-3",
                        "CSAFPID-4",
                        "CSAFPID-5",
                        "CSAFPID-6",
                        "CSAFPID-7",
                        "CSAFPID-8",
                        "CSAFPID-9",
                        "CSAFPID-10",
                        "CSAFPID-11",
                        "CSAFPID-12",
                        "CSAFPID-13",
                        "CSAFPID-14",
                        "CSAFPID-15",
                        "CSAFPID-16",
                        "CSAFPID-17",
                        "CSAFPID-18",
                        "CSAFPID-19",
                        "CSAFPID-20",
                        "CSAFPID-21",
                        "CSAFPID-22"
                    ]
                }
            ],
            "title": "CVE-2026-45646"
        },
        {
            "cve": "CVE-2026-47282",
            "cwe": {
                "id": "CWE-522",
                "name": "Insufficiently Protected Credentials"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Insufficiently Protected Credentials",
                    "title": "CWE-522"
                },
                {
                    "category": "description",
                    "text": "Insufficiently protected credentials in GitHub Copilot and Visual Studio Code allow unauthorized attackers to disclose sensitive information over a network.",
                    "title": "Summary"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1",
                    "CSAFPID-2",
                    "CSAFPID-3",
                    "CSAFPID-4",
                    "CSAFPID-5",
                    "CSAFPID-6",
                    "CSAFPID-7",
                    "CSAFPID-8",
                    "CSAFPID-9",
                    "CSAFPID-10",
                    "CSAFPID-11",
                    "CSAFPID-12",
                    "CSAFPID-13",
                    "CSAFPID-14",
                    "CSAFPID-15",
                    "CSAFPID-16",
                    "CSAFPID-17",
                    "CSAFPID-18",
                    "CSAFPID-19",
                    "CSAFPID-20",
                    "CSAFPID-21",
                    "CSAFPID-22"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2026-47282 | NCSC-NL Website",
                    "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-47282.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                        "baseScore": 6.5,
                        "baseSeverity": "MEDIUM"
                    },
                    "products": [
                        "CSAFPID-1",
                        "CSAFPID-2",
                        "CSAFPID-3",
                        "CSAFPID-4",
                        "CSAFPID-5",
                        "CSAFPID-6",
                        "CSAFPID-7",
                        "CSAFPID-8",
                        "CSAFPID-9",
                        "CSAFPID-10",
                        "CSAFPID-11",
                        "CSAFPID-12",
                        "CSAFPID-13",
                        "CSAFPID-14",
                        "CSAFPID-15",
                        "CSAFPID-16",
                        "CSAFPID-17",
                        "CSAFPID-18",
                        "CSAFPID-19",
                        "CSAFPID-20",
                        "CSAFPID-21",
                        "CSAFPID-22"
                    ]
                }
            ],
            "title": "CVE-2026-47282"
        },
        {
            "cve": "CVE-2026-45496",
            "cwe": {
                "id": "CWE-22",
                "name": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
                    "title": "CWE-22"
                },
                {
                    "category": "description",
                    "text": "A path traversal vulnerability in Visual Studio Code allows unauthorized local attackers to bypass security restrictions by improperly limiting pathnames to restricted directories.",
                    "title": "Summary"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1",
                    "CSAFPID-2",
                    "CSAFPID-3",
                    "CSAFPID-4",
                    "CSAFPID-5",
                    "CSAFPID-6",
                    "CSAFPID-7",
                    "CSAFPID-8",
                    "CSAFPID-9",
                    "CSAFPID-10",
                    "CSAFPID-11",
                    "CSAFPID-12",
                    "CSAFPID-13",
                    "CSAFPID-14",
                    "CSAFPID-15",
                    "CSAFPID-16",
                    "CSAFPID-17",
                    "CSAFPID-18",
                    "CSAFPID-19",
                    "CSAFPID-20",
                    "CSAFPID-21",
                    "CSAFPID-22"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2026-45496 | NCSC-NL Website",
                    "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-45496.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                        "baseScore": 5.5,
                        "baseSeverity": "MEDIUM"
                    },
                    "products": [
                        "CSAFPID-1",
                        "CSAFPID-2",
                        "CSAFPID-3",
                        "CSAFPID-4",
                        "CSAFPID-5",
                        "CSAFPID-6",
                        "CSAFPID-7",
                        "CSAFPID-8",
                        "CSAFPID-9",
                        "CSAFPID-10",
                        "CSAFPID-11",
                        "CSAFPID-12",
                        "CSAFPID-13",
                        "CSAFPID-14",
                        "CSAFPID-15",
                        "CSAFPID-16",
                        "CSAFPID-17",
                        "CSAFPID-18",
                        "CSAFPID-19",
                        "CSAFPID-20",
                        "CSAFPID-21",
                        "CSAFPID-22"
                    ]
                }
            ],
            "title": "CVE-2026-45496"
        },
        {
            "cve": "CVE-2026-50520",
            "cwe": {
                "id": "CWE-77",
                "name": "Improper Neutralization of Special Elements used in a Command ('Command Injection')"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Improper Neutralization of Special Elements used in a Command ('Command Injection')",
                    "title": "CWE-77"
                },
                {
                    "category": "description",
                    "text": "Improper neutralization of special elements in commands within Visual Studio Code can allow unauthorized local code execution by attackers.",
                    "title": "Summary"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1",
                    "CSAFPID-2",
                    "CSAFPID-3",
                    "CSAFPID-4",
                    "CSAFPID-5",
                    "CSAFPID-6",
                    "CSAFPID-7",
                    "CSAFPID-8",
                    "CSAFPID-9",
                    "CSAFPID-10",
                    "CSAFPID-11",
                    "CSAFPID-12",
                    "CSAFPID-13",
                    "CSAFPID-14",
                    "CSAFPID-15",
                    "CSAFPID-16",
                    "CSAFPID-17",
                    "CSAFPID-18",
                    "CSAFPID-19",
                    "CSAFPID-20",
                    "CSAFPID-21",
                    "CSAFPID-22"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2026-50520 | NCSC-NL Website",
                    "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-50520.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                        "baseScore": 8.4,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-1",
                        "CSAFPID-2",
                        "CSAFPID-3",
                        "CSAFPID-4",
                        "CSAFPID-5",
                        "CSAFPID-6",
                        "CSAFPID-7",
                        "CSAFPID-8",
                        "CSAFPID-9",
                        "CSAFPID-10",
                        "CSAFPID-11",
                        "CSAFPID-12",
                        "CSAFPID-13",
                        "CSAFPID-14",
                        "CSAFPID-15",
                        "CSAFPID-16",
                        "CSAFPID-17",
                        "CSAFPID-18",
                        "CSAFPID-19",
                        "CSAFPID-20",
                        "CSAFPID-21",
                        "CSAFPID-22"
                    ]
                }
            ],
            "title": "CVE-2026-50520"
        },
        {
            "cve": "CVE-2026-41109",
            "notes": [
                {
                    "category": "description",
                    "text": "Improper neutralization of special elements in output by GitHub Copilot and Visual Studio enables unauthorized attackers to bypass security features over a network via injection vulnerabilities.",
                    "title": "Summary"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1",
                    "CSAFPID-2",
                    "CSAFPID-3",
                    "CSAFPID-4",
                    "CSAFPID-5",
                    "CSAFPID-6",
                    "CSAFPID-7",
                    "CSAFPID-8",
                    "CSAFPID-9",
                    "CSAFPID-10",
                    "CSAFPID-11",
                    "CSAFPID-12",
                    "CSAFPID-13",
                    "CSAFPID-14",
                    "CSAFPID-15",
                    "CSAFPID-16",
                    "CSAFPID-17",
                    "CSAFPID-18",
                    "CSAFPID-19",
                    "CSAFPID-20",
                    "CSAFPID-21",
                    "CSAFPID-22"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2026-41109 | NCSC-NL Website",
                    "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-41109.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                        "baseScore": 8.8,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-1",
                        "CSAFPID-2",
                        "CSAFPID-3",
                        "CSAFPID-4",
                        "CSAFPID-5",
                        "CSAFPID-6",
                        "CSAFPID-7",
                        "CSAFPID-8",
                        "CSAFPID-9",
                        "CSAFPID-10",
                        "CSAFPID-11",
                        "CSAFPID-12",
                        "CSAFPID-13",
                        "CSAFPID-14",
                        "CSAFPID-15",
                        "CSAFPID-16",
                        "CSAFPID-17",
                        "CSAFPID-18",
                        "CSAFPID-19",
                        "CSAFPID-20",
                        "CSAFPID-21",
                        "CSAFPID-22"
                    ]
                }
            ],
            "title": "CVE-2026-41109"
        },
        {
            "cve": "CVE-2026-57101",
            "cwe": {
                "id": "CWE-79",
                "name": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
                    "title": "CWE-79"
                },
                {
                    "category": "description",
                    "text": "An input neutralization flaw in Visual Studio Code's web page generation allows a local unauthorized attacker to bypass security features.",
                    "title": "Summary"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1",
                    "CSAFPID-2",
                    "CSAFPID-3",
                    "CSAFPID-4",
                    "CSAFPID-5",
                    "CSAFPID-6",
                    "CSAFPID-7",
                    "CSAFPID-8",
                    "CSAFPID-9",
                    "CSAFPID-10",
                    "CSAFPID-11",
                    "CSAFPID-12",
                    "CSAFPID-13",
                    "CSAFPID-14",
                    "CSAFPID-15",
                    "CSAFPID-16",
                    "CSAFPID-17",
                    "CSAFPID-18",
                    "CSAFPID-19",
                    "CSAFPID-20",
                    "CSAFPID-21",
                    "CSAFPID-22"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2026-57101 | NCSC-NL Website",
                    "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-57101.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C",
                        "baseScore": 7.1,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-1",
                        "CSAFPID-2",
                        "CSAFPID-3",
                        "CSAFPID-4",
                        "CSAFPID-5",
                        "CSAFPID-6",
                        "CSAFPID-7",
                        "CSAFPID-8",
                        "CSAFPID-9",
                        "CSAFPID-10",
                        "CSAFPID-11",
                        "CSAFPID-12",
                        "CSAFPID-13",
                        "CSAFPID-14",
                        "CSAFPID-15",
                        "CSAFPID-16",
                        "CSAFPID-17",
                        "CSAFPID-18",
                        "CSAFPID-19",
                        "CSAFPID-20",
                        "CSAFPID-21",
                        "CSAFPID-22"
                    ]
                }
            ],
            "title": "CVE-2026-57101"
        },
        {
            "cve": "CVE-2026-57102",
            "cwe": {
                "id": "CWE-829",
                "name": "Inclusion of Functionality from Untrusted Control Sphere"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Inclusion of Functionality from Untrusted Control Sphere",
                    "title": "CWE-829"
                },
                {
                    "category": "description",
                    "text": "A vulnerability in Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network by including functionality from an untrusted control sphere.",
                    "title": "Summary"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1",
                    "CSAFPID-2",
                    "CSAFPID-3",
                    "CSAFPID-4",
                    "CSAFPID-5",
                    "CSAFPID-6",
                    "CSAFPID-7",
                    "CSAFPID-8",
                    "CSAFPID-9",
                    "CSAFPID-10",
                    "CSAFPID-11",
                    "CSAFPID-12",
                    "CSAFPID-13",
                    "CSAFPID-14",
                    "CSAFPID-15",
                    "CSAFPID-16",
                    "CSAFPID-17",
                    "CSAFPID-18",
                    "CSAFPID-19",
                    "CSAFPID-20",
                    "CSAFPID-21",
                    "CSAFPID-22"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2026-57102 | NCSC-NL Website",
                    "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-57102.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                        "baseScore": 8.8,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-1",
                        "CSAFPID-2",
                        "CSAFPID-3",
                        "CSAFPID-4",
                        "CSAFPID-5",
                        "CSAFPID-6",
                        "CSAFPID-7",
                        "CSAFPID-8",
                        "CSAFPID-9",
                        "CSAFPID-10",
                        "CSAFPID-11",
                        "CSAFPID-12",
                        "CSAFPID-13",
                        "CSAFPID-14",
                        "CSAFPID-15",
                        "CSAFPID-16",
                        "CSAFPID-17",
                        "CSAFPID-18",
                        "CSAFPID-19",
                        "CSAFPID-20",
                        "CSAFPID-21",
                        "CSAFPID-22"
                    ]
                }
            ],
            "title": "CVE-2026-57102"
        },
        {
            "cve": "CVE-2026-47305",
            "notes": [
                {
                    "category": "description",
                    "text": "A protection mechanism failure in Visual Studio allows an attacker to execute unauthorized local code, posing a significant security risk.",
                    "title": "Summary"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-1",
                    "CSAFPID-2",
                    "CSAFPID-3",
                    "CSAFPID-4",
                    "CSAFPID-5",
                    "CSAFPID-6",
                    "CSAFPID-7",
                    "CSAFPID-8",
                    "CSAFPID-9",
                    "CSAFPID-10",
                    "CSAFPID-11",
                    "CSAFPID-12",
                    "CSAFPID-13",
                    "CSAFPID-14",
                    "CSAFPID-15",
                    "CSAFPID-16",
                    "CSAFPID-17",
                    "CSAFPID-18",
                    "CSAFPID-19",
                    "CSAFPID-20",
                    "CSAFPID-21",
                    "CSAFPID-22"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2026-47305 | NCSC-NL Website",
                    "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-47305.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                        "baseScore": 7.8,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-1",
                        "CSAFPID-2",
                        "CSAFPID-3",
                        "CSAFPID-4",
                        "CSAFPID-5",
                        "CSAFPID-6",
                        "CSAFPID-7",
                        "CSAFPID-8",
                        "CSAFPID-9",
                        "CSAFPID-10",
                        "CSAFPID-11",
                        "CSAFPID-12",
                        "CSAFPID-13",
                        "CSAFPID-14",
                        "CSAFPID-15",
                        "CSAFPID-16",
                        "CSAFPID-17",
                        "CSAFPID-18",
                        "CSAFPID-19",
                        "CSAFPID-20",
                        "CSAFPID-21",
                        "CSAFPID-22"
                    ]
                }
            ],
            "title": "CVE-2026-47305"
        }
    ]
}