CVE-2026-33116

Medienbericht

EPSS 1.4%
Veröffentlicht 14.04.2026 16:57:47
Zuletzt bearbeitet 06.05.2026 15:19:27
Quelle secure@microsoft.com
CVE-Watchlists
Login
Unerledigt
Login

.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

Loop with unreachable exit condition ('infinite loop') in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 3 Referenzen 5

NVD 15 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ .Net Version >= 10.0.0 < 10.0.6

Apple ≫ macOS Version-
Linux ≫ Linux Kernel Version-

Microsoft ≫ .Net Version >= 8.0.0 < 8.0.26

   Apple ≫ macOS Version-
   Linux ≫ Linux Kernel Version-
   Microsoft ≫ Windows Version-

Microsoft ≫ .Net Version >= 9.0.0 < 9.0.15

   Apple ≫ macOS Version-
   Linux ≫ Linux Kernel Version-
   Microsoft ≫ Windows Version-

Microsoft ≫ .Net Framework Version3.5 Update-

Microsoft ≫ Windows Server 2012 Version-
Microsoft ≫ Windows Server 2012 Versionr2

Microsoft ≫ .Net Framework Version3.5 Update-

   Microsoft ≫ Windows 10 1809 Version- HwPlatformarm64
   Microsoft ≫ Windows 10 1809 Version- HwPlatformx64
   Microsoft ≫ Windows 10 1809 Version- HwPlatformx86

Microsoft ≫ .Net Framework Version4.7.2

   Microsoft ≫ Windows 10 1809 Version- HwPlatformarm64
   Microsoft ≫ Windows 10 1809 Version- HwPlatformx64
   Microsoft ≫ Windows 10 1809 Version- HwPlatformx86

Microsoft ≫ .Net Framework Version4.6.2

Microsoft ≫ Windows Server 2012 Version-
Microsoft ≫ Windows Server 2012 Versionr2

Microsoft ≫ .Net Framework Version4.7

Microsoft ≫ Windows Server 2012 Version-
Microsoft ≫ Windows Server 2012 Versionr2

Microsoft ≫ .Net Framework Version4.7.1

Microsoft ≫ Windows Server 2012 Version-
Microsoft ≫ Windows Server 2012 Versionr2

Microsoft ≫ .Net Framework Version4.7.2

Microsoft ≫ Windows Server 2012 Version-
Microsoft ≫ Windows Server 2012 Versionr2

Microsoft ≫ .Net Framework Version3.5 Update-

   Microsoft ≫ Windows 10 1809 Version- HwPlatformarm64
   Microsoft ≫ Windows 10 1809 Version- HwPlatformx64
   Microsoft ≫ Windows 10 1809 Version- HwPlatformx86
   Microsoft ≫ Windows 10 21h2 Version- HwPlatformarm64
   Microsoft ≫ Windows 10 21h2 Version- HwPlatformx64
   Microsoft ≫ Windows 10 21h2 Version- HwPlatformx86
   Microsoft ≫ Windows 10 22h2 Version- HwPlatformarm64
   Microsoft ≫ Windows 10 22h2 Version- HwPlatformx64
   Microsoft ≫ Windows 10 22h2 Version- HwPlatformx86
   Microsoft ≫ Windows Server 2022 Version-

Microsoft ≫ .Net Framework Version4.8

Microsoft ≫ .Net Framework Version3.5 Update-

   Microsoft ≫ Windows 10 21h2 Version- HwPlatformarm64
   Microsoft ≫ Windows 10 21h2 Version- HwPlatformx64
   Microsoft ≫ Windows 10 21h2 Version- HwPlatformx86
   Microsoft ≫ Windows 10 22h2 Version- HwPlatformarm64
   Microsoft ≫ Windows 10 22h2 Version- HwPlatformx64
   Microsoft ≫ Windows 10 22h2 Version- HwPlatformx86
   Microsoft ≫ Windows 11 22h2 Version- HwPlatformarm64
   Microsoft ≫ Windows 11 22h2 Version- HwPlatformx64
   Microsoft ≫ Windows 11 23h2 Version- HwPlatformarm64
   Microsoft ≫ Windows 11 23h2 Version- HwPlatformx64
   Microsoft ≫ Windows 11 24h2 Version- HwPlatformarm64
   Microsoft ≫ Windows 11 24h2 Version- HwPlatformx64
   Microsoft ≫ Windows 11 25h2 Version- HwPlatformarm64
   Microsoft ≫ Windows 11 25h2 Version- HwPlatformx64
   Microsoft ≫ Windows 11 26h1 Version- HwPlatformarm64
   Microsoft ≫ Windows 11 26h1 Version- HwPlatformx64
   Microsoft ≫ Windows Server 2022 Version-
   Microsoft ≫ Windows Server 2022 23h2 Version- HwPlatformx64
   Microsoft ≫ Windows Server 2025 Version- HwPlatformx64

Microsoft ≫ .Net Framework Version4.8.1

Microsoft ≫ .Net Framework Version4.8

   Microsoft ≫ Windows 10 1607 Version- HwPlatformx64
   Microsoft ≫ Windows 10 1607 Version- HwPlatformx86
   Microsoft ≫ Windows Server 2012 Version-
   Microsoft ≫ Windows Server 2012 Versionr2

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.4%	0.806

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
secure@microsoft.com	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

https://www.bleepingcomputer.com/news/microsoft/microsoft-april-2026-patch-tuesday-fixes-167-flaws-2-zero-days/

Media Report

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33116

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2026-33116

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-33116

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-33116

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-33116