5.9

CVE-2026-32226

Medienbericht

.NET Framework Denial of Service Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in .NET Framework allows an unauthorized attacker to deny service over a network.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft.Net Framework Version3.5 Update-
   MicrosoftWindows 10 1809 Version- HwPlatformarm64
   MicrosoftWindows 10 1809 Version- HwPlatformx64
Microsoft.Net Framework Version4.7.2
   MicrosoftWindows 10 1809 Version- HwPlatformarm64
   MicrosoftWindows 10 1809 Version- HwPlatformx64
Microsoft.Net Framework Version3.5 Update-
   MicrosoftWindows 10 1809 Version- HwPlatformarm64
   MicrosoftWindows 10 1809 Version- HwPlatformx64
   MicrosoftWindows 10 1809 Version- HwPlatformx86
   MicrosoftWindows Server 20h2 Version- HwPlatformx64
Microsoft.Net Framework Version4.8
   MicrosoftWindows 10 1809 Version- HwPlatformarm64
   MicrosoftWindows 10 1809 Version- HwPlatformx64
   MicrosoftWindows 10 1809 Version- HwPlatformx86
   MicrosoftWindows Server 20h2 Version- HwPlatformx64
Microsoft.Net Framework Version4.8
   MicrosoftWindows 10 1607 Version- HwPlatformx64
   MicrosoftWindows Server 2012 Version-
   MicrosoftWindows Server 2012 Versionr2
Microsoft.Net Framework Version3.5 Update-
   MicrosoftWindows 11 26h1 Version- HwPlatformarm64
   MicrosoftWindows 11 26h1 Version- HwPlatformx64
   MicrosoftWindows Server 2025 Version- HwPlatformx64
Microsoft.Net Framework Version4.8.1
   MicrosoftWindows 11 26h1 Version- HwPlatformarm64
   MicrosoftWindows 11 26h1 Version- HwPlatformx64
   MicrosoftWindows Server 2025 Version- HwPlatformx64
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.54% 0.412
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
secure@microsoft.com 5.9 2.2 3.6
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
VulnDex Intel
Media Report
14.04.2026 19:52
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32226
Vendor Advisory