Skip to main content

Microsoft .NET CVE-2026-45491

| EUVD-2026-35675 MEDIUM
Improper Link Resolution Before File Access (CWE-59)
2026-06-09 secure@microsoft.com GHSA-7q4v-2mr6-5gpx
Authentication Bypass Red Hat Suse
6.2
CVSS 3.1 · NVD
Temporal: 5.4
Share

Severity by source

NVD PRIMARY
6.2 MEDIUM
AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
ENISA EUVD
HIGH
qualitative
CIRCL (temporal)
5.4 MEDIUM
cvss
SUSE
MEDIUM
qualitative
Red Hat
6.2 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None

Lifecycle Timeline

1
Analysis Generated
Jun 09, 2026 - 19:43 vuln.today

DescriptionCVE.org

Improper link resolution before file access ('link following') in .NET allows an unauthorized attacker to perform tampering locally.

AnalysisAI

Local file tampering via symlink/junction following in Microsoft .NET runtimes 8.0, 9.0, and 10.0 allows a local unauthenticated attacker to redirect file operations to unintended targets, achieving high-integrity impact without requiring elevated privileges. The vulnerability stems from improper link resolution (CWE-59) before file access, enabling unauthorized modification of files the attacker would otherwise lack write access to. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts
Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain local system foothold
Delivery
Identify .NET service file I/O path
Exploit
Plant malicious symlink or junction at target path
Execution
Trigger .NET file write operation
Persist
Redirect write to privileged target file
Impact
Tamper with security-relevant file contents
Sign in to reveal

Vulnerability AssessmentAI

Exploitation Local access to the target system is required - the attack vector is explicitly local (AV:L), meaning remote network-only access is insufficient. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 base score of 6.2 is driven by local attack vector (AV:L), low complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), no confidentiality impact (C:N), high integrity impact (I:H), and no availability impact (A:N). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A local attacker with a low-privileged account on a Windows or Linux system running a vulnerable .NET version creates a symbolic link or directory junction at a path that a .NET service or application is expected to write to, pointing the link to a privileged target such as a system configuration file or executable. When the .NET runtime subsequently performs a file operation at that path without adequately validating the resolved link target, the write is redirected to the attacker-chosen destination - achieving unauthorized file modification. …
Remediation Upgrade to the vendor-released patched versions: .NET 8.0.28, .NET 9.0.17, or .NET 10.0.9, as applicable. … Detailed patch versions, workarounds, and compensating controls in full report.
Sign in to read full assessment

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

SUSE

Severity: Moderate
Product Status
SUSE Liberty Linux 10 Fixed
SUSE Liberty Linux 8 Fixed
SUSE Liberty Linux 9 Fixed

Share

CVE-2026-45491 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy