EUVD-2026-22635
GHSA-37gx-xxp4-5rgx
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
Loop with unreachable exit condition ('infinite loop') in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network.
AnalysisAI
Infinite loop denial-of-service vulnerability in Microsoft .NET Framework (3.5 through 4.8.1), .NET 8.0, 9.0, and 10.0 allows unauthenticated remote attackers to exhaust server resources via specially crafted network requests. The vulnerability (CWE-835) stems from unreachable loop exit conditions in core .NET processing logic, enabling complete service disruption with low attack complexity. …
Sign in for full analysis, threat intelligence, and remediation guidance.
RemediationAI
Within 24 hours: Identify all systems running affected .NET versions (Framework 3.5-4.8.1, .NET 8.0, 9.0, 10.0) and prioritize internet-facing applications. Within 7 days: Apply vendor-released patches to all affected .NET Framework and .NET runtime installations; consult Microsoft Security Advisory for specific version numbers. …
Sign in for detailed remediation steps.
Share
External POC / Exploit Code
Leaving vuln.today