Skip to main content

Asp Net Core 10 0

1 CVEs product

Monthly

CVE-2026-40372 NuGet CRITICAL PATCH GHSA Exploit Unlikely Act Now

Cryptographic signature verification bypass in ASP.NET Core 10.0 enables remote unauthenticated attackers to forge authentication tokens and gain unauthorized access to protected resources. Tagged as a JWT attack involving authentication bypass, this vulnerability allows complete compromise of confidentiality and integrity without requiring any special conditions (AV:N/AC:L/PR:N/UI:N). Microsoft has released a security update addressing this flaw. No active exploitation confirmed in CISA KEV at time of analysis, though the authentication bypass nature and network-accessible attack surface present significant risk for widely deployed ASP.NET Core applications.

Authentication Bypass Jwt Attack Asp Net Core 10 0
NVD VulDB GitHub
CVSS 3.1
9.1
EPSS
0.0%
EPSS 0% CVSS 9.1
CRITICAL PATCH Exploit Unlikely Act Now

Cryptographic signature verification bypass in ASP.NET Core 10.0 enables remote unauthenticated attackers to forge authentication tokens and gain unauthorized access to protected resources. Tagged as a JWT attack involving authentication bypass, this vulnerability allows complete compromise of confidentiality and integrity without requiring any special conditions (AV:N/AC:L/PR:N/UI:N). Microsoft has released a security update addressing this flaw. No active exploitation confirmed in CISA KEV at time of analysis, though the authentication bypass nature and network-accessible attack surface present significant risk for widely deployed ASP.NET Core applications.

Authentication Bypass Jwt Attack Asp Net Core 10 0
NVD VulDB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy