Microsoft Net Framework vulnerabilities

168 known vulnerabilities affecting microsoft/net_framework.

Total CVEs

168

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL62HIGH64MEDIUM40LOW2

Vulnerabilities

Page 1 of 9

CVE-2026-23666HIGHCVSS 7.5v3.5v4.7.2+5 more2026-04-14

CVE-2026-23666 [HIGH] CWE-755 CVE-2026-23666: Improper input validation in .NET Framework allows an unauthorized attacker to deny service over a n Improper input validation in .NET Framework allows an unauthorized attacker to deny service over a network.

nvd

CVE-2026-33116HIGHCVSS 7.5v3.5v4.7.2+5 more2026-04-14

CVE-2026-33116 [HIGH] CWE-20 CVE-2026-33116: Loop with unreachable exit condition ('infinite loop') in .NET, .NET Framework, Visual Studio allows Loop with unreachable exit condition ('infinite loop') in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network.

nvd

CVE-2026-32226MEDIUMCVSS 5.9v3.5v4.7.2+2 more2026-04-14

CVE-2026-32226 [MEDIUM] CWE-362 CVE-2026-32226: Concurrent execution using shared resource with improper synchronization ('race condition') in .NET Concurrent execution using shared resource with improper synchronization ('race condition') in .NET Framework allows an unauthorized attacker to deny service over a network.

nvd

CVE-2025-55248MEDIUMCVSS 5.7v4.6.2v4.7+7 more2025-10-14

CVE-2025-55248 [MEDIUM] CWE-326 CVE-2025-55248: Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network.

nvd

CVE-2025-21176HIGHCVSS 8.8v4.6v4.6.2+6 more2025-01-14

CVE-2025-21176 [HIGH] CWE-126 CVE-2025-21176: .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

nvd

CVE-2024-43483HIGHCVSS 7.5v3.5v4.8.1+9 more2024-10-08

CVE-2024-43483 [HIGH] CWE-407 CVE-2024-43483: .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

nvd

CVE-2024-43484HIGHCVSS 7.5v3.5v4.8.1+9 more2024-10-08

CVE-2024-43484 [HIGH] CWE-407 CVE-2024-43484: .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

nvd

CVE-2024-38081HIGHCVSS 7.3v4.6.2v4.7+8 more2024-07-09

CVE-2024-38081 [HIGH] CWE-59 CVE-2024-38081: .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

nvd

CVE-2024-21409HIGHCVSS 7.3v3.5v4.8.1+5 more2024-04-09

CVE-2024-21409 [HIGH] CWE-416 CVE-2024-21409: .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

nvd

CVE-2024-29059HIGHCVSS 7.5KEVPoCv3.5v4.7.2+9 more2024-03-23

CVE-2024-29059 [HIGH] CWE-209 CVE-2024-29059: .NET Framework Information Disclosure Vulnerability .NET Framework Information Disclosure Vulnerability

nvd

CVE-2024-0057CRITICALCVSS 9.8≥ 4.8, < 4.8.04690.02≥ 4.8, < 4.8.04690.01+8 more2024-01-09

CVE-2024-0057 [CRITICAL] CWE-20 CVE-2024-0057: NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability

nvd

CVE-2024-0056HIGHCVSS 8.7≥ 4.8, < 4.8.04690.02≥ 4.8, < 4.8.04690.01+7 more2024-01-09

CVE-2024-0056 [HIGH] CWE-319 CVE-2024-0056: Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnera Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability

nvd

CVE-2023-36049CRITICALCVSS 9.8v2.0v3.0+8 more2023-11-14

CVE-2023-36049 [CRITICAL] CWE-20 CVE-2023-36049: .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

nvd

CVE-2023-36788HIGHCVSS 7.8v3.5.1v3.5+5 more2023-09-12

CVE-2023-36788 [HIGH] CVE-2023-36788: .NET Framework Remote Code Execution Vulnerability .NET Framework Remote Code Execution Vulnerability

nvd

CVE-2023-24936HIGHCVSS 7.5v4.8v4.6.2+8 more2023-06-14

CVE-2023-24936 [HIGH] CVE-2023-24936: .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

nvd

CVE-2023-29331HIGHCVSS 7.5v4.8v4.6.2+8 more2023-06-14

CVE-2023-29331 [HIGH] CWE-400 CVE-2023-29331: .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

nvd

CVE-2023-24895HIGHCVSS 7.8v4.8v4.6.2+8 more2023-06-14

CVE-2023-24895 [HIGH] CVE-2023-24895: .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

nvd

CVE-2023-29326HIGHCVSS 7.8v3.5.1v3.5+8 more2023-06-14

CVE-2023-29326 [HIGH] CVE-2023-29326: .NET Framework Remote Code Execution Vulnerability .NET Framework Remote Code Execution Vulnerability

nvd

CVE-2023-32030HIGHCVSS 7.5v4.8v4.6.2+8 more2023-06-14

CVE-2023-32030 [HIGH] CVE-2023-32030: .NET and Visual Studio Denial of Service Vulnerability .NET and Visual Studio Denial of Service Vulnerability

nvd

CVE-2023-24897HIGHCVSS 7.8v4.8v4.6.2+5 more2023-06-14

CVE-2023-24897 [HIGH] CWE-122 CVE-2023-24897: .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

nvd

1 / 9Next →