HarborGuard / CVE
Back to search
HIGHCVE-2026-42899Published Modified CNA microsoft

CVE-2026-42899: ASP.NET Core Denial of Service Vulnerability

Loop with unreachable exit condition ('infinite loop') in ASP.NET Core allows an unauthorized attacker to deny service over a network.

Metrics

CVSS v3.1
7.5
Severity
HIGH
Fixed in
8.0.27
Affected Products
3

Fix available

8.0.279.0.1610.0.8
Patch commits
Affected packages
  • Microsoft / .NET 10.0
    < 10.0.8 (from 10.0.0)
  • Microsoft / .NET 8.0
    < 8.0.27 (from 8.0.0)
  • Microsoft / .NET 9.0
    < 9.0.16 (from 9.0.0)
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
References