Microsoft Net Framework 3 5

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-33116 NuGet HIGH PATCH GHSA Exploit Unlikely This Week

Infinite loop denial-of-service vulnerability in Microsoft .NET Framework (3.5 through 4.8.1), .NET 8.0, 9.0, and 10.0 allows unauthenticated remote attackers to exhaust server resources via specially crafted network requests. The vulnerability (CWE-835) stems from unreachable loop exit conditions in core .NET processing logic, enabling complete service disruption with low attack complexity. Vendor-released patches are available across all affected product lines. No public exploit identified at

Denial Of Service Net 10 0 Net 8 0 Net 9 0 Microsoft Net Framework 3 5 +5
NVD VulDB
CVSS 3.1
7.5
EPSS
0.9%
CVE-2026-33116 NuGet
EPSS 1% CVSS 7.5
HIGH PATCH Exploit Unlikely This Week

Infinite loop denial-of-service vulnerability in Microsoft .NET Framework (3.5 through 4.8.1), .NET 8.0, 9.0, and 10.0 allows unauthenticated remote attackers to exhaust server resources via specially crafted network requests. The vulnerability (CWE-835) stems from unreachable loop exit conditions in core .NET processing logic, enabling complete service disruption with low attack complexity. Vendor-released patches are available across all affected product lines. No public exploit identified at

Denial Of Service Net 10 0 Net 8 0 +7
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy