Skip to main content

Net 10 0 EUVD-2026-22591

| CVE-2026-32203 HIGH
Stack-based Buffer Overflow (CWE-121)
2026-04-14 microsoft
Stack Overflow Buffer Overflow Net 10 0 Net 8 0 Net 9 0 Microsoft Visual Studio 2022 Version 17 12 Microsoft Visual Studio 2022 Version 17 14
7.5
CVSS 3.1 · NVD
Temporal: 6.5
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
ENISA EUVD
HIGH
qualitative
CIRCL (temporal)
6.5 MEDIUM
cvss
SUSE
HIGH
qualitative
Red Hat
7.5 HIGH
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

6
Re-analysis Queued
Apr 17, 2026 - 15:22 vuln.today
cvss_changed
Analysis Generated
Apr 14, 2026 - 19:35 vuln.today
EUVD ID Assigned
Apr 14, 2026 - 17:46 euvd
EUVD-2026-22591
Analysis Generated
Apr 14, 2026 - 17:46 vuln.today
Patch released
Apr 14, 2026 - 17:46 nvd
Patch available
CVE Published
Apr 14, 2026 - 16:58 nvd
HIGH 7.5

DescriptionCVE.org

Stack-based buffer overflow in .NET and Visual Studio allows an unauthorized attacker to deny service over a network.

AnalysisAI

Denial of service via stack buffer overflow in .NET (versions 8.0, 9.0, 10.0) and Visual Studio 2022 (versions 17.12, 17.14) allows unauthenticated remote attackers to crash affected applications over the network. The vulnerability has a CVSS score of 7.5 (High) with low attack complexity and no privileges required. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts
Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Identify internet-facing .NET application
Delivery
Craft malformed network request with oversized data
Exploit
Send request to vulnerable endpoint
Execution
Trigger stack buffer overflow in .NET runtime
Impact
Application crashes (denial of service)
Sign in to reveal

Vulnerability AssessmentAI

Exploitation Remote unauthenticated attacker can trigger denial of service against .NET and Visual Studio installations accepting network input processed by vulnerable buffer handling. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS base score of 7.5 reflects a High severity rating, driven by the network attack vector, low complexity, and high availability impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An unauthenticated attacker sends a specially crafted network request to a public-facing .NET web application or API endpoint, triggering a stack buffer overflow in the request processing pipeline. The malformed input causes the application to overwrite stack memory, resulting in an immediate crash and service outage. …
Remediation Vendor-released patches are available from Microsoft Security Response Center. … Detailed patch versions, workarounds, and compensating controls in full report.
Sign in to read full assessment

Recommended ActionAI

Within 24 hours: Inventory all .NET 8.0, 9.0, and 10.0 deployments and Visual Studio 2022 instances running versions 17.12 or 17.14; disable remote access to affected services if operationally feasible. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

SUSE

Severity: High
Product Status
SUSE Liberty Linux 10 Fixed
SUSE Liberty Linux 8 Fixed
SUSE Liberty Linux 9 Fixed

Share

EUVD-2026-22591 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy