EUVD-2026-22562

| CVE-2026-32178 HIGH
2026-04-14 microsoft GHSA-vmwf-m9c5-3jvc
Authentication Bypass Net 10 0 Net 8 0 Net 9 0 Microsoft Visual Studio 2022 Version 17 12 Microsoft Visual Studio 2022 Version 17 14
7.5
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
Analysis Generated
Apr 14, 2026 - 19:21 vuln.today

DescriptionNVD

Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network.

AnalysisAI

Information disclosure in Microsoft .NET 8.0, 9.0, 10.0, and Visual Studio 2022 allows unauthenticated remote attackers to access sensitive data through improper neutralization of special elements. This spoofing vulnerability (CWE-138) enables attackers to bypass authentication mechanisms and extract high-confidentiality information over the network with low attack complexity. …

Sign in for full analysis, threat intelligence, and remediation guidance.

RemediationAI

Within 24 hours: Identify all internal systems running affected .NET versions (8.0, 9.0, 10.0) and Visual Studio 2022 via asset inventory and scan results. Within 7 days: Apply vendor-released patches to all affected .NET runtimes and Visual Studio 2022 instances; prioritize internet-facing applications and development environments. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Share

EUVD-2026-22562 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy