7.5

CVE-2026-45591

Medienbericht

ASP.NET Core Denial of Service Vulnerability

Uncontrolled resource consumption in ASP.NET Core allows an unauthorized attacker to deny service over a network.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftAsp.Net Core Version >= 8.0.0 < 8.0.28
MicrosoftAsp.Net Core Version >= 9.0.0 < 9.0.17
MicrosoftAsp.Net Core Version >= 10.0.0 < 10.0.9
MicrosoftVisual Studio 2026 Version >= 18.6.0 < 18.6.3
Microsoft.Net Version >= 8.0.0 < 8.0.28
   ApplemacOS Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
Microsoft.Net Version >= 9.0.0 < 9.0.17
   ApplemacOS Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
Microsoft.Net Version >= 10.0.0 < 10.0.9
   ApplemacOS Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.43% 0.822
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
secure@microsoft.com 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0b0ca135-0b70-47e7-9f44-1890c2a1c46c 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource.

CWE-770 Allocation of Resources Without Limits or Throttling

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
VulnDex Intel
Media Report
10.06.2026 18:13
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
VulnDex Intel
Media Report
09.06.2026 20:12
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45591
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:17527
https://access.redhat.com/errata/RHSA-2026:26638
https://access.redhat.com/errata/RHSA-2026:26994
https://access.redhat.com/errata/RHSA-2026:25110
https://access.redhat.com/errata/RHSA-2026:25111
https://access.redhat.com/errata/RHSA-2026:25112
https://access.redhat.com/errata/RHSA-2026:25113
https://access.redhat.com/errata/RHSA-2026:25114
https://access.redhat.com/errata/RHSA-2026:25115
https://access.redhat.com/errata/RHSA-2026:25220
https://access.redhat.com/errata/RHSA-2026:25221
https://access.redhat.com/errata/RHSA-2026:25222
https://access.redhat.com/errata/RHSA-2026:28007
https://access.redhat.com/errata/RHSA-2026:28009
https://access.redhat.com/errata/RHSA-2026:28011
https://access.redhat.com/errata/RHSA-2026:28051
https://access.redhat.com/errata/RHSA-2026:28227
https://access.redhat.com/security/cve/CVE-2026-45591
https://bugzilla.redhat.com/show_bug.cgi?id=2487224
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-45591.json