Skip to main content

Microsoft Visual Studio 2017 Version 15 9 Includes 15 0 15 8

2 CVEs product

Monthly

CVE-2026-32175 NuGet MEDIUM POC PATCH GHSA Exploit Unlikely This Month

A tampering vulnerability exists when .NET Core improperly handles specially crafted files. An attacker who successfully exploited this vulnerability could write arbitrary files and directories to certain locations on a vulnerable system. However, an attacker would have limited control over the destination of the files and directories. To exploit the vulnerability, an attacker must send a specially crafted file to a vulnerable system. The security update fixes the vulnerability by ensuring .NET Core properly handles files.

Information Disclosure Net 10 0 Net 8 0 Net 9 0 Microsoft Visual Studio 2017 Version 15 9 Includes 15 0 15 8 +4
NVD VulDB GitHub
CVSS 3.1
4.3
EPSS
0.1%
CVE-2026-32177 HIGH POC PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft .NET Framework (versions 3.5 through 10.0) and Visual Studio 2017 occurs through heap-based buffer overflow exploitation requiring user interaction with a malicious file. Attackers without initial privileges can achieve high-level code execution and data access by convincing a user to open a specially crafted document or application. Microsoft has released patches across all affected .NET versions per MSRC advisory, indicating this is a vendor-confirmed issue requiring immediate remediation for systems where users process untrusted .NET content.

Heap Overflow Buffer Overflow Net 10 0 Net 8 0 Net 9 0 +11
NVD VulDB GitHub
CVSS 3.1
7.3
EPSS
0.1%
EPSS 0% CVSS 4.3
MEDIUM POC PATCH Exploit Unlikely This Month

A tampering vulnerability exists when .NET Core improperly handles specially crafted files. An attacker who successfully exploited this vulnerability could write arbitrary files and directories to certain locations on a vulnerable system. However, an attacker would have limited control over the destination of the files and directories. To exploit the vulnerability, an attacker must send a specially crafted file to a vulnerable system. The security update fixes the vulnerability by ensuring .NET Core properly handles files.

Information Disclosure Net 10 0 Net 8 0 +6
NVD VulDB GitHub
EPSS 0% CVSS 7.3
HIGH POC PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft .NET Framework (versions 3.5 through 10.0) and Visual Studio 2017 occurs through heap-based buffer overflow exploitation requiring user interaction with a malicious file. Attackers without initial privileges can achieve high-level code execution and data access by convincing a user to open a specially crafted document or application. Microsoft has released patches across all affected .NET versions per MSRC advisory, indicating this is a vendor-confirmed issue requiring immediate remediation for systems where users process untrusted .NET content.

Heap Overflow Buffer Overflow Net 10 0 +13
NVD VulDB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy