CVE-2026-26130

HIGH
2026-03-10 [email protected] GHSA-4vgm-c2wm-63mw
7.5
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

3
Patch Released
Apr 02, 2026 - 13:58 nvd
Patch available
Analysis Generated
Mar 12, 2026 - 21:55 vuln.today
CVE Published
Mar 10, 2026 - 18:18 nvd
HIGH 7.5

Tags

Denial Of Service Redhat Suse

Description

Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.

Analysis

Uncontrolled resource allocation in ASP.NET Core enables unauthenticated remote attackers to exhaust system resources and cause denial of service without requiring user interaction. The vulnerability affects .NET applications exposed to network access, allowing attackers to trigger unbounded resource consumption from any network location. …

Sign in for full analysis, threat intelligence, and remediation guidance.

Remediation

Within 24 hours: Inventory all ASP.NET Core instances and assess which are internet-facing or handle critical services. Within 7 days: Apply available vendor patches to all affected ASP.NET Core systems, prioritizing production environments. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Priority Score

39
Low Medium High Critical
KEV: 0
EPSS: +1.3
CVSS: +38
POC: 0

Vendor Status

Share

CVE-2026-26130 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy