CVE-2026-32203Improper Input Validation in Microsoft Visual Studio 2022 Version 17.12

CWE-20Improper Input ValidationCWE-121Stack-based Buffer OverflowCWE-787Out-of-bounds Write9 documents6 sources
Severity
7.5HIGHNVD
EPSS
0.1%
top 65.96%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Microsoft Visual Studio 2022 Version 17.12Microsoft Visual Studio 2022 Version 17.14Microsoft NET 10.0+2 more
Timeline
PublishedApr 14
Latest updateApr 15

Description

Stack-based buffer overflow in .NET and Visual Studio allows an unauthorized attacker to deny service over a network.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages5 packages

CVEListV5microsoft/net_8.08.0.08.0.26
CVEListV5microsoft/net_9.09.0.09.0.15
CVEListV5microsoft/net_10.010.0.010.0.6

🔴Vulnerability Details

2
CVEList
.NET and Visual Studio Denial of Service Vulnerability2026-04-14
VulDB
Microsoft .NET/Visual Studio prior 8.0.26/9.0.15/10.0.6/17.12.19/17.14.30 stack-based overflow2026-04-14

📋Vendor Advisories

2
Ubuntu
.NET vulnerabilities2026-04-15
Red Hat
dotnet: .NET: Denial of Service via stack overflow2026-04-14

💬Community

4
Bugzilla
CVE-2026-32203 dotnet9.0: .NET: Denial of Service via stack overflow [fedora-all]2026-04-14
Bugzilla
CVE-2026-32203 dotnet10.0: .NET: Denial of Service via stack overflow [fedora-all]2026-04-14
Bugzilla
CVE-2026-32203 dotnet8.0: .NET: Denial of Service via stack overflow [fedora-all]2026-04-14
Bugzilla
CVE-2026-32203 dotnet: .NET: Denial of Service via stack overflow2026-04-13
CVE-2026-32203 — Improper Input Validation in Microsoft | cvebase