7.5
CVE-2026-42899
- EPSS 2.43%
- Veröffentlicht 12.05.2026 16:59:06
- Zuletzt bearbeitet 30.06.2026 03:19:41
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
ASP.NET Core Denial of Service Vulnerability
Loop with unreachable exit condition ('infinite loop') in ASP.NET Core allows an unauthorized attacker to deny service over a network.| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.43% | 0.822 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secure@microsoft.com | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42899
https://access.redhat.com/errata/RHSA-2026:17464
https://access.redhat.com/errata/RHSA-2026:17527
https://access.redhat.com/errata/RHSA-2026:17682
https://access.redhat.com/errata/RHSA-2026:21286
https://access.redhat.com/errata/RHSA-2026:21291
https://access.redhat.com/errata/RHSA-2026:21293
https://access.redhat.com/errata/RHSA-2026:21294
https://access.redhat.com/errata/RHSA-2026:21295
https://access.redhat.com/errata/RHSA-2026:21296
https://access.redhat.com/errata/RHSA-2026:21297
https://access.redhat.com/errata/RHSA-2026:21754
https://access.redhat.com/errata/RHSA-2026:22145
https://access.redhat.com/errata/RHSA-2026:24332
https://access.redhat.com/errata/RHSA-2026:24333
https://access.redhat.com/errata/RHSA-2026:24334
https://access.redhat.com/errata/RHSA-2026:24335
https://access.redhat.com/errata/RHSA-2026:24336
https://access.redhat.com/security/cve/CVE-2026-42899
https://bugzilla.redhat.com/show_bug.cgi?id=2476605
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-42899.json