Microsoft Asp.Net Core 8.0 vulnerabilities

CVE-2026-26130 [HIGH] CWE-770 CVE-2026-26130: Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.

CVE-2025-55315 [CRITICAL] CWE-444 CVE-2025-55315: Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core all Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network.

CVE-2025-26682 [HIGH] CWE-770 CVE-2025-26682: Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.

CVE-2025-24070 [HIGH] CWE-1390 CVE-2025-24070: Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate p Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network.

CVE-2024-21386 [HIGH] CWE-400 .NET Denial of Service Vulnerability .NET Denial of Service Vulnerability .NET Denial of Service Vulnerability

CVE-2023-36038 [HIGH] CWE-400 ASP.NET Core Denial of Service Vulnerability ASP.NET Core Denial of Service Vulnerability ASP.NET Core Denial of Service Vulnerability

CVE-2023-36558 [MEDIUM] CVE-2023-36558: ASP.NET Core Security Feature Bypass Vulnerability ASP.NET Core Security Feature Bypass Vulnerability