Net
Monthly
MSE Diffie-Hellman key exchange in Net::BitTorrent (Perl, all versions through 2.0.1) is rendered cryptographically transparent to passive network observers because Perl's non-cryptographic rand() function generates the 160-bit DH private key in KeyExchange.pm, and the same PRNG sequence simultaneously produces cleartext random padding transmitted during the same handshake. A passive eavesdropper who captures the handshake can recover the drand48 PRNG state from the observable padding bytes, reconstruct the private key, derive the RC4 session keys, and fully decrypt the MSE-encrypted stream - completely defeating the passive-observation obfuscation MSE is designed to provide. No public exploit has been identified at time of analysis, but the recovery is deterministic and requires only standard number theory once the handshake is captured.
Net::BitTorrent versions through 2.0.1 for Perl allow remote memory exhaustion via deeply nested bencoded input. bdecode recurses once per nested list or dictionary level with no depth cap, and each recursive call receives the remaining buffer by value while the list and dictionary branches capture the whole remainder, so every live recursion frame keeps its own copy of the shrinking buffer (O(N^2) bytes for an N-deep input). The decoder runs on every untrusted bencode source: .torrent files, BEP09 metadata fetched from peers, DHT messages, and tracker responses. A bencoded input of roughly 150,000 nested lists (about 150 KB on the wire) drives multi-gigabyte peak memory, so one short message from any peer, or one crafted .torrent file or magnet link, terminates the client.
Remote memory exhaustion in the Net::BitTorrent Perl module (all versions through 2.0.1) lets any unauthenticated peer in a torrent swarm crash the downloading process by abusing the peer-wire protocol's length-prefix framing. Because the decoder buffers an entire announced message before processing and trusts an attacker-supplied length prefix of up to ~4 GiB, a single malicious peer can drive the victim's memory toward exhaustion. There is no public exploit identified at time of analysis and no CISA KEV listing, but the attack is trivial and requires no authentication; EPSS data was not provided.
Arbitrary file write in Net::BitTorrent 2.0.1 and earlier allows a malicious BitTorrent peer to place attacker-controlled content at attacker-chosen filesystem paths outside the designated download directory. The library validates path components on the .torrent ingest path but omits identical validation for peer-supplied metadata received via the BEP09 ut_metadata extension, causing file names containing '..' segments to resolve to traversal targets when passed to Storage::add_file. Because the attacking peer controls both the piece hashes and the served bytes, content verification passes silently, making the write invisible to the application. No public exploit has been identified at time of analysis, and this CVE is not listed in CISA KEV.
Metric injection in the Perl module Net::Statsite::Client through version 1.1.0 allows attackers controlling metric names or values to inject arbitrary statsite protocol commands by smuggling newlines, colons, and pipe characters that the library fails to sanitize. The flaw maps to CWE-93 (CRLF Injection) and affects any application that forwards untrusted input into metric reporting. No public exploit identified at time of analysis, and the issue is not on CISA KEV.
Remote denial of service in ASP.NET Core enables unauthenticated network attackers to exhaust server resources and disrupt application availability. The CVSS 7.5 score reflects high availability impact with low attack complexity and no required privileges or user interaction, though no public exploit identified at time of analysis. Microsoft (secure@microsoft.com) is the reporting source via MSRC, indicating a vendor-coordinated disclosure.
Local file tampering via symlink/junction following in Microsoft .NET runtimes 8.0, 9.0, and 10.0 allows a local unauthenticated attacker to redirect file operations to unintended targets, achieving high-integrity impact without requiring elevated privileges. The vulnerability stems from improper link resolution (CWE-59) before file access, enabling unauthorized modification of files the attacker would otherwise lack write access to. No public exploit identified at time of analysis and no CISA KEV listing, but the low attack complexity (AC:L) and absence of privilege requirements (PR:N) make exploitation straightforward for any actor with local access.
Local privilege escalation in Microsoft .NET allows an authenticated low-privileged user to elevate to higher privileges through an improper authorization flaw (CWE-285). The vulnerability carries a CVSS 7.8 (High) rating with local attack vector and low complexity, and no public exploit identified at time of analysis. Tagged as an Authentication Bypass, it requires an existing foothold on the host but no user interaction once that foothold is established.
Denial of service in the Perl module Net::CIDR::Set through version 0.20 allows remote unauthenticated attackers to trigger indefinite recursion by submitting malformed IP address strings to the add() method. The flaw stems from missing input validation when parsing addresses, causing the parser to re-enter itself without a termination condition. No public exploit identified at time of analysis, but the issue is trivially reproducible and a fixed version 0.21 has been released on CPAN.
Metric injection in Net::Statsd for Perl (all versions before 0.13) allows network-reachable, unauthenticated attackers to forge additional StatsD metric lines by embedding newlines, colons, or pipes in metric names or values passed through the library. Any application that feeds untrusted external input into Net::Statsd method calls without prior sanitization is directly exposed, because the wire format uses those characters as delimiters between metrics in a single UDP datagram. No public exploit code exists and this vulnerability is not listed in CISA KEV; however, the CVSS AV:N/AC:L/PR:N/UI:N surface warrants prompt patching wherever user-controlled strings reach metric instrumentation calls.
Metric name injection in Net::Async::Statsd::Client (Perl, versions through 0.005) allows network-reachable, unauthenticated attackers to inject arbitrary StatsD metrics by supplying untrusted input containing unfiltered newlines, colons, or pipe characters. Because the StatsD wire protocol uses these characters as structural delimiters, unsanitized metric names sourced from user-controlled data can be interpreted as additional, attacker-controlled metrics by the receiving StatsD server. No public exploit identified at time of analysis and EPSS sits at the 9th percentile (0.03%), indicating low observed exploitation pressure, but any Perl application forwarding externally-supplied values as StatsD metric names is directly in scope.
Metric injection in Net::Statsd::Lite (Perl) affects all releases before v0.9.0, allowing unauthenticated remote attackers to inject arbitrary statsd metrics by embedding newline, colon, or pipe characters into metric names derived from untrusted input. Because the statsd wire protocol uses these characters as record separators and field delimiters, an unsanitized metric name can smuggle additional forged metrics into the UDP stream transmitted to a statsd daemon, corrupting monitoring and telemetry data. No public exploit code exists at time of analysis and the EPSS score of 0.01% (1st percentile) indicates negligible observed exploitation activity; however, the patch diff makes exploitation trivially constructible by any attacker who can influence metric name values in a vulnerable application.
Net::CIDR::Lite Perl module versions before 0.24 fail to properly validate IP address and CIDR mask inputs, allowing attackers to bypass IP-based access control lists by supplying malformed addresses that are re-encoded differently by the parser. Inputs with trailing newlines or non-ASCII digit characters pass validation but resolve to unintended IP addresses, causing find() and bin_find() functions to incorrectly match or miss addresses. This affects network security controls that rely on CIDR matching for authorization decisions.
Memory corruption in Go's net library (versions <1.25.10 and 1.26.0-1.26.2) leads to application crash when parsing maliciously crafted CNAME DNS responses. Remote attackers can trigger double-free of C memory in the cgo DNS resolver's LookupCNAME function by sending excessively long CNAME records, causing immediate denial of service. EPSS score of 0.01% (1st percentile) indicates minimal observed exploitation activity despite network-accessible attack vector and no authentication requirement. Vendor patch available via Go 1.25.10 and 1.26.3.
Net::CIDR::Lite before version 0.23 for Perl incorrectly handles RFC 4291 IPv4-mapped IPv6 addresses (::ffff:x.x.x.x) by including an extra sentinel byte during packing, resulting in 18-byte instead of 17-byte representations. This misalignment causes the find() and bin_find() functions to return incorrect matching results during IP address lookup operations, enabling attackers to bypass IP-based access control lists by crafting addresses that fall outside intended CIDR ranges. No active exploitation has been identified, but the low EPSS score (0.02%) masks the authentication bypass tag, suggesting limited real-world triggering conditions despite the 6.5 CVSS score.
IPv6 address validation bypass in Net::CIDR::Lite for Perl (versions <0.23) allows remote attackers to circumvent IP access control lists without authentication. The _pack_ipv6() function fails to validate that uncompressed IPv6 addresses contain exactly 8 hexadecimal groups, accepting malformed inputs like 'abcd' or '1:2:3' and producing incorrect packed representations. This causes find() and bin_find() methods to incorrectly match addresses against CIDR ranges, enabling ACL bypass. Exploitati
Weak PRNG in Net::NSCA::Client through 0.009002 for Perl. Patch available.
External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
Net::Dropbox::API 1.9 and earlier for Perl uses the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
.NET Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.
.NET and Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
.NET Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
.NET and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
.NET and Visual Studio Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.
Microsoft Identity Denial of service vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity.
Multiple vulnerabilities in TRENDnet TEW-827DRU router including command injection and insecure passwords. PoC available.
NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required.
ASP.NET Core Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft QUIC Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
Microsoft QUIC Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
.NET Core and Visual Studio Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.
.NET and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
.NET Core and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
.NET and Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.
ASP.NET and Visual Studio Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.
.NET and Visual Studio Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
.NET and Visual Studio Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.
.NET and Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
.NET and Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.
.NET and Visual Studio Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.5).
.NET DLL Hijacking Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
.NET and Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
.NET Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
NuGet Client Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.
.NET Core and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
.NET Spoofing Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
.NET and Visual Studio Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
.NET and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
.NET and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
.NET and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
.NET and Visual Studio Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.
.NET and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
.NET Core and Visual Studio Information Disclosure Vulnerability. Rated medium severity (CVSS 5.7), this vulnerability is no authentication required, low attack complexity.
.NET Core and Visual Studio Information Disclosure Vulnerability. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity.
.NET Core and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
ASP.NET Core Denial of Service Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.
.NET and Visual Studio Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.
.NET Core Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.
.NET Core Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.
.NET Core and Visual Studio Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
The html package (aka x/net/html) through 2018-09-25 in Go mishandles <math><template><mn><b></template>, leading to a "panic: runtime error" (index out of range) in (*insertionModeStack).pop in. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The html package (aka x/net/html) through 2018-09-25 in Go mishandles <svg><template><desc><t><svg></template>, leading to a "panic: runtime error" (index out of range) in (*nodeStack).pop in. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The html package (aka x/net/html) through 2018-09-25 in Go mishandles <table><math><select><mi><select></table>, leading to an infinite loop during an html.Parse call because inSelectIM and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The html package (aka x/net/html) through 2018-09-17 in Go mishandles <template><tBody><isindex/action=0>, leading to a "panic: runtime error" in inBodyIM in parse.go during an html.Parse call. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
The html package (aka x/net/html) through 2018-09-17 in Go mishandles <math><template><mo><template>, leading to a "panic: runtime error" in parseCurrentToken in parse.go during an html.Parse call. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The html package (aka x/net/html) before 2018-07-13 in Go mishandles "in frameset" insertion mode, leading to a "panic: runtime error" for html.Parse of <template><object>, <template><applet>, or. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
MSE Diffie-Hellman key exchange in Net::BitTorrent (Perl, all versions through 2.0.1) is rendered cryptographically transparent to passive network observers because Perl's non-cryptographic rand() function generates the 160-bit DH private key in KeyExchange.pm, and the same PRNG sequence simultaneously produces cleartext random padding transmitted during the same handshake. A passive eavesdropper who captures the handshake can recover the drand48 PRNG state from the observable padding bytes, reconstruct the private key, derive the RC4 session keys, and fully decrypt the MSE-encrypted stream - completely defeating the passive-observation obfuscation MSE is designed to provide. No public exploit has been identified at time of analysis, but the recovery is deterministic and requires only standard number theory once the handshake is captured.
Net::BitTorrent versions through 2.0.1 for Perl allow remote memory exhaustion via deeply nested bencoded input. bdecode recurses once per nested list or dictionary level with no depth cap, and each recursive call receives the remaining buffer by value while the list and dictionary branches capture the whole remainder, so every live recursion frame keeps its own copy of the shrinking buffer (O(N^2) bytes for an N-deep input). The decoder runs on every untrusted bencode source: .torrent files, BEP09 metadata fetched from peers, DHT messages, and tracker responses. A bencoded input of roughly 150,000 nested lists (about 150 KB on the wire) drives multi-gigabyte peak memory, so one short message from any peer, or one crafted .torrent file or magnet link, terminates the client.
Remote memory exhaustion in the Net::BitTorrent Perl module (all versions through 2.0.1) lets any unauthenticated peer in a torrent swarm crash the downloading process by abusing the peer-wire protocol's length-prefix framing. Because the decoder buffers an entire announced message before processing and trusts an attacker-supplied length prefix of up to ~4 GiB, a single malicious peer can drive the victim's memory toward exhaustion. There is no public exploit identified at time of analysis and no CISA KEV listing, but the attack is trivial and requires no authentication; EPSS data was not provided.
Arbitrary file write in Net::BitTorrent 2.0.1 and earlier allows a malicious BitTorrent peer to place attacker-controlled content at attacker-chosen filesystem paths outside the designated download directory. The library validates path components on the .torrent ingest path but omits identical validation for peer-supplied metadata received via the BEP09 ut_metadata extension, causing file names containing '..' segments to resolve to traversal targets when passed to Storage::add_file. Because the attacking peer controls both the piece hashes and the served bytes, content verification passes silently, making the write invisible to the application. No public exploit has been identified at time of analysis, and this CVE is not listed in CISA KEV.
Metric injection in the Perl module Net::Statsite::Client through version 1.1.0 allows attackers controlling metric names or values to inject arbitrary statsite protocol commands by smuggling newlines, colons, and pipe characters that the library fails to sanitize. The flaw maps to CWE-93 (CRLF Injection) and affects any application that forwards untrusted input into metric reporting. No public exploit identified at time of analysis, and the issue is not on CISA KEV.
Remote denial of service in ASP.NET Core enables unauthenticated network attackers to exhaust server resources and disrupt application availability. The CVSS 7.5 score reflects high availability impact with low attack complexity and no required privileges or user interaction, though no public exploit identified at time of analysis. Microsoft (secure@microsoft.com) is the reporting source via MSRC, indicating a vendor-coordinated disclosure.
Local file tampering via symlink/junction following in Microsoft .NET runtimes 8.0, 9.0, and 10.0 allows a local unauthenticated attacker to redirect file operations to unintended targets, achieving high-integrity impact without requiring elevated privileges. The vulnerability stems from improper link resolution (CWE-59) before file access, enabling unauthorized modification of files the attacker would otherwise lack write access to. No public exploit identified at time of analysis and no CISA KEV listing, but the low attack complexity (AC:L) and absence of privilege requirements (PR:N) make exploitation straightforward for any actor with local access.
Local privilege escalation in Microsoft .NET allows an authenticated low-privileged user to elevate to higher privileges through an improper authorization flaw (CWE-285). The vulnerability carries a CVSS 7.8 (High) rating with local attack vector and low complexity, and no public exploit identified at time of analysis. Tagged as an Authentication Bypass, it requires an existing foothold on the host but no user interaction once that foothold is established.
Denial of service in the Perl module Net::CIDR::Set through version 0.20 allows remote unauthenticated attackers to trigger indefinite recursion by submitting malformed IP address strings to the add() method. The flaw stems from missing input validation when parsing addresses, causing the parser to re-enter itself without a termination condition. No public exploit identified at time of analysis, but the issue is trivially reproducible and a fixed version 0.21 has been released on CPAN.
Metric injection in Net::Statsd for Perl (all versions before 0.13) allows network-reachable, unauthenticated attackers to forge additional StatsD metric lines by embedding newlines, colons, or pipes in metric names or values passed through the library. Any application that feeds untrusted external input into Net::Statsd method calls without prior sanitization is directly exposed, because the wire format uses those characters as delimiters between metrics in a single UDP datagram. No public exploit code exists and this vulnerability is not listed in CISA KEV; however, the CVSS AV:N/AC:L/PR:N/UI:N surface warrants prompt patching wherever user-controlled strings reach metric instrumentation calls.
Metric name injection in Net::Async::Statsd::Client (Perl, versions through 0.005) allows network-reachable, unauthenticated attackers to inject arbitrary StatsD metrics by supplying untrusted input containing unfiltered newlines, colons, or pipe characters. Because the StatsD wire protocol uses these characters as structural delimiters, unsanitized metric names sourced from user-controlled data can be interpreted as additional, attacker-controlled metrics by the receiving StatsD server. No public exploit identified at time of analysis and EPSS sits at the 9th percentile (0.03%), indicating low observed exploitation pressure, but any Perl application forwarding externally-supplied values as StatsD metric names is directly in scope.
Metric injection in Net::Statsd::Lite (Perl) affects all releases before v0.9.0, allowing unauthenticated remote attackers to inject arbitrary statsd metrics by embedding newline, colon, or pipe characters into metric names derived from untrusted input. Because the statsd wire protocol uses these characters as record separators and field delimiters, an unsanitized metric name can smuggle additional forged metrics into the UDP stream transmitted to a statsd daemon, corrupting monitoring and telemetry data. No public exploit code exists at time of analysis and the EPSS score of 0.01% (1st percentile) indicates negligible observed exploitation activity; however, the patch diff makes exploitation trivially constructible by any attacker who can influence metric name values in a vulnerable application.
Net::CIDR::Lite Perl module versions before 0.24 fail to properly validate IP address and CIDR mask inputs, allowing attackers to bypass IP-based access control lists by supplying malformed addresses that are re-encoded differently by the parser. Inputs with trailing newlines or non-ASCII digit characters pass validation but resolve to unintended IP addresses, causing find() and bin_find() functions to incorrectly match or miss addresses. This affects network security controls that rely on CIDR matching for authorization decisions.
Memory corruption in Go's net library (versions <1.25.10 and 1.26.0-1.26.2) leads to application crash when parsing maliciously crafted CNAME DNS responses. Remote attackers can trigger double-free of C memory in the cgo DNS resolver's LookupCNAME function by sending excessively long CNAME records, causing immediate denial of service. EPSS score of 0.01% (1st percentile) indicates minimal observed exploitation activity despite network-accessible attack vector and no authentication requirement. Vendor patch available via Go 1.25.10 and 1.26.3.
Net::CIDR::Lite before version 0.23 for Perl incorrectly handles RFC 4291 IPv4-mapped IPv6 addresses (::ffff:x.x.x.x) by including an extra sentinel byte during packing, resulting in 18-byte instead of 17-byte representations. This misalignment causes the find() and bin_find() functions to return incorrect matching results during IP address lookup operations, enabling attackers to bypass IP-based access control lists by crafting addresses that fall outside intended CIDR ranges. No active exploitation has been identified, but the low EPSS score (0.02%) masks the authentication bypass tag, suggesting limited real-world triggering conditions despite the 6.5 CVSS score.
IPv6 address validation bypass in Net::CIDR::Lite for Perl (versions <0.23) allows remote attackers to circumvent IP access control lists without authentication. The _pack_ipv6() function fails to validate that uncompressed IPv6 addresses contain exactly 8 hexadecimal groups, accepting malformed inputs like 'abcd' or '1:2:3' and producing incorrect packed representations. This causes find() and bin_find() methods to incorrectly match addresses against CIDR ranges, enabling ACL bypass. Exploitati
Weak PRNG in Net::NSCA::Client through 0.009002 for Perl. Patch available.
External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
Net::Dropbox::API 1.9 and earlier for Perl uses the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
.NET Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.
.NET and Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
.NET Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
.NET and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
.NET and Visual Studio Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.
Microsoft Identity Denial of service vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity.
Multiple vulnerabilities in TRENDnet TEW-827DRU router including command injection and insecure passwords. PoC available.
NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required.
ASP.NET Core Security Feature Bypass Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Microsoft QUIC Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
Microsoft QUIC Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
.NET Core and Visual Studio Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.
.NET and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
.NET Core and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
.NET and Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.
ASP.NET and Visual Studio Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.
.NET and Visual Studio Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
.NET and Visual Studio Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.
.NET and Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
.NET and Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.
.NET and Visual Studio Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.5).
.NET DLL Hijacking Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
.NET and Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
.NET Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
NuGet Client Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.
.NET Core and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
.NET Spoofing Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
.NET and Visual Studio Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
.NET and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
.NET and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
.NET and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
.NET and Visual Studio Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.
.NET and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
.NET Core and Visual Studio Information Disclosure Vulnerability. Rated medium severity (CVSS 5.7), this vulnerability is no authentication required, low attack complexity.
.NET Core and Visual Studio Information Disclosure Vulnerability. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity.
.NET Core and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
ASP.NET Core Denial of Service Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.
.NET and Visual Studio Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.
.NET Core Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.
.NET Core Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.
.NET Core and Visual Studio Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
The html package (aka x/net/html) through 2018-09-25 in Go mishandles <math><template><mn><b></template>, leading to a "panic: runtime error" (index out of range) in (*insertionModeStack).pop in. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The html package (aka x/net/html) through 2018-09-25 in Go mishandles <svg><template><desc><t><svg></template>, leading to a "panic: runtime error" (index out of range) in (*nodeStack).pop in. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The html package (aka x/net/html) through 2018-09-25 in Go mishandles <table><math><select><mi><select></table>, leading to an infinite loop during an html.Parse call because inSelectIM and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The html package (aka x/net/html) through 2018-09-17 in Go mishandles <template><tBody><isindex/action=0>, leading to a "panic: runtime error" in inBodyIM in parse.go during an html.Parse call. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
The html package (aka x/net/html) through 2018-09-17 in Go mishandles <math><template><mo><template>, leading to a "panic: runtime error" in parseCurrentToken in parse.go during an html.Parse call. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The html package (aka x/net/html) before 2018-07-13 in Go mishandles "in frameset" insertion mode, leading to a "panic: runtime error" for html.Parse of <template><object>, <template><applet>, or. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.