Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-45491 (GCVE-0-2026-45491)
Vulnerability from cvelistv5 – Published: 2026-06-09 17:04 – Updated: 2026-06-10 17:53
VLAI
EPSS
Title
.NET Tampering Vulnerability
Summary
Improper link resolution before file access ('link following') in .NET allows an unauthorized attacker to perform tampering locally.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisorypatch |
Impacted products
Date Public
2026-06-09 14:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-45491",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-10T12:17:16.966103Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T12:17:26.789Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": ".NET 10.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.9",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"product": ".NET 8.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.0.28",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
},
{
"product": ".NET 8.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.0.28",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"product": ".NET 9.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "9.0.17",
"status": "affected",
"version": "9.0.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.9",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.0.28",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.0.28",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.0.17",
"versionStartIncluding": "9.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2026-06-09T14:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Improper link resolution before file access (\u0027link following\u0027) in .NET allows an unauthorized attacker to perform tampering locally."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T17:53:34.455Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": ".NET Tampering Vulnerability",
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45491"
}
],
"title": ".NET Tampering Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2026-45491",
"datePublished": "2026-06-09T17:04:44.457Z",
"dateReserved": "2026-05-12T16:07:22.618Z",
"dateUpdated": "2026-06-10T17:53:34.455Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-45491",
"date": "2026-06-12",
"epss": "0.00092",
"percentile": "0.26014"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-45491\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2026-06-09T17:17:25.567\",\"lastModified\":\"2026-06-09T19:32:51.440\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Improper link resolution before file access (\u0027link following\u0027) in .NET allows an unauthorized attacker to perform tampering locally.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":6.2,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.5,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-59\"}]}],\"references\":[{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45491\",\"source\":\"secure@microsoft.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-45491\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-06-10T12:17:16.966103Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-06-10T12:17:21.270Z\"}}], \"cna\": {\"title\": \".NET Tampering Vulnerability\", \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 6.2, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C\"}, \"scenarios\": [{\"lang\": \"en-US\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Microsoft\", \"product\": \".NET 10.0\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.0\", \"lessThan\": \"10.0.9\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Microsoft\", \"product\": \".NET 8.0\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.0\", \"lessThan\": \"8.0.28\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Microsoft\", \"product\": \".NET 8.0\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.0.0\", \"lessThan\": \"8.0.28\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Microsoft\", \"product\": \".NET 9.0\", \"versions\": [{\"status\": \"affected\", \"version\": \"9.0.0\", \"lessThan\": \"9.0.17\", \"versionType\": \"custom\"}]}], \"datePublic\": \"2026-06-09T14:00:00.000Z\", \"references\": [{\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45491\", \"name\": \".NET Tampering Vulnerability\", \"tags\": [\"vendor-advisory\", \"patch\"]}], \"descriptions\": [{\"lang\": \"en-US\", \"value\": \"Improper link resolution before file access (\u0027link following\u0027) in .NET allows an unauthorized attacker to perform tampering locally.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"type\": \"CWE\", \"cweId\": \"CWE-59\", \"description\": \"CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.9\", \"versionStartIncluding\": \"10.0.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"8.0.28\", \"versionStartIncluding\": \"8.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"8.0.28\", \"versionStartIncluding\": \"8.0.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"9.0.17\", \"versionStartIncluding\": \"9.0.0\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"shortName\": \"microsoft\", \"dateUpdated\": \"2026-06-10T17:53:34.455Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-45491\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-06-10T17:53:34.455Z\", \"dateReserved\": \"2026-05-12T16:07:22.618Z\", \"assignerOrgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"datePublished\": \"2026-06-09T17:04:44.457Z\", \"assignerShortName\": \"microsoft\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
alsa-2026:25110
Vulnerability from osv_almalinux
Published
2026-06-10 00:00
Modified
2026-06-11 08:48
Summary
Important: .NET 8.0 security update
Details
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.
New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.128 and .NET Runtime 8.0.28.Security Fix(es):
- dotnet: .NET: Local file tampering via link following vulnerability (CVE-2026-45491)
- dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption (CVE-2026-45591)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "aspnetcore-runtime-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.28-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "aspnetcore-runtime-dbg-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.28-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "aspnetcore-targeting-pack-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.28-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-apphost-pack-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.28-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-hostfxr-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.28-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-runtime-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.28-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-runtime-dbg-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.28-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-sdk-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.128-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-sdk-8.0-source-built-artifacts"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.128-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-sdk-dbg-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.128-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-targeting-pack-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.28-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-templates-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.128-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": ".NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. \n\nNew versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.128 and .NET Runtime 8.0.28.Security Fix(es): \n\n * dotnet: .NET: Local file tampering via link following vulnerability (CVE-2026-45491)\n * dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption (CVE-2026-45591)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
"id": "ALSA-2026:25110",
"modified": "2026-06-11T08:48:15Z",
"published": "2026-06-10T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2026:25110"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-45491"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-45591"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2487164"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2487224"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/8/ALSA-2026-25110.html"
}
],
"related": [
"CVE-2026-45491",
"CVE-2026-45591"
],
"summary": "Important: .NET 8.0 security update"
}
alsa-2026:25111
Vulnerability from osv_almalinux
Published
2026-06-10 00:00
Modified
2026-06-11 08:46
Summary
Important: .NET 8.0 security update
Details
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.
New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.128 and .NET Runtime 8.0.28.Security Fix(es):
- dotnet: .NET: Local file tampering via link following vulnerability (CVE-2026-45491)
- dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption (CVE-2026-45591)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References
| URL | Type | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "aspnetcore-runtime-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.28-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "aspnetcore-runtime-dbg-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.28-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "aspnetcore-targeting-pack-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.28-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-apphost-pack-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.28-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-hostfxr-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.28-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-runtime-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.28-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-runtime-dbg-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.28-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-sdk-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.128-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-sdk-8.0-source-built-artifacts"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.128-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-sdk-dbg-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.128-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-targeting-pack-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.28-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-templates-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.128-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": ".NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. \n\nNew versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.128 and .NET Runtime 8.0.28.Security Fix(es): \n\n * dotnet: .NET: Local file tampering via link following vulnerability (CVE-2026-45491)\n * dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption (CVE-2026-45591)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
"id": "ALSA-2026:25111",
"modified": "2026-06-11T08:46:20Z",
"published": "2026-06-10T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2026:25111"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-45491"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-45591"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2487164"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2487224"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/10/ALSA-2026-25111.html"
}
],
"related": [
"CVE-2026-45491",
"CVE-2026-45591"
],
"summary": "Important: .NET 8.0 security update"
}
alsa-2026:25112
Vulnerability from osv_almalinux
Published
2026-06-10 00:00
Modified
2026-06-11 08:44
Summary
Important: .NET 9.0 security update
Details
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.
New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.118 and .NET Runtime 9.0.17.Security Fix(es):
- dotnet: .NET: Local file tampering via link following vulnerability (CVE-2026-45491)
- dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption (CVE-2026-45591)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References
| URL | Type | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "aspnetcore-runtime-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.17-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "aspnetcore-runtime-dbg-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.17-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "aspnetcore-targeting-pack-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.17-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-apphost-pack-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.17-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-hostfxr-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.17-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-runtime-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.17-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-runtime-dbg-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.17-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-sdk-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.118-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-sdk-9.0-source-built-artifacts"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.118-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-sdk-aot-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.118-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-sdk-dbg-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.118-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-targeting-pack-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.17-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-templates-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.118-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "netstandard-targeting-pack-2.1"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.118-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": ".NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. \n\nNew versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.118 and .NET Runtime 9.0.17.Security Fix(es): \n\n * dotnet: .NET: Local file tampering via link following vulnerability (CVE-2026-45491)\n * dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption (CVE-2026-45591)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
"id": "ALSA-2026:25112",
"modified": "2026-06-11T08:44:41Z",
"published": "2026-06-10T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2026:25112"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-45491"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-45591"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2487164"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2487224"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/10/ALSA-2026-25112.html"
}
],
"related": [
"CVE-2026-45491",
"CVE-2026-45591"
],
"summary": "Important: .NET 9.0 security update"
}
alsa-2026:25113
Vulnerability from osv_almalinux
Published
2026-06-10 00:00
Modified
2026-06-11 08:46
Summary
Important: .NET 9.0 security update
Details
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.
New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.118 and .NET Runtime 9.0.17.Security Fix(es):
- dotnet: .NET: Local file tampering via link following vulnerability (CVE-2026-45491)
- dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption (CVE-2026-45591)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References
| URL | Type | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "aspnetcore-runtime-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.17-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "aspnetcore-runtime-dbg-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.17-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "aspnetcore-targeting-pack-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.17-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-apphost-pack-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.17-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-hostfxr-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.17-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-runtime-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.17-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-runtime-dbg-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.17-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-sdk-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.118-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-sdk-9.0-source-built-artifacts"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.118-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-sdk-aot-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.118-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-sdk-dbg-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.118-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-targeting-pack-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.17-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-templates-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.118-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "netstandard-targeting-pack-2.1"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.118-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": ".NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. \n\nNew versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.118 and .NET Runtime 9.0.17.Security Fix(es): \n\n * dotnet: .NET: Local file tampering via link following vulnerability (CVE-2026-45491)\n * dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption (CVE-2026-45591)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
"id": "ALSA-2026:25113",
"modified": "2026-06-11T08:46:10Z",
"published": "2026-06-10T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2026:25113"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-45491"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-45591"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2487164"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2487224"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/8/ALSA-2026-25113.html"
}
],
"related": [
"CVE-2026-45491",
"CVE-2026-45591"
],
"summary": "Important: .NET 9.0 security update"
}
alsa-2026:25114
Vulnerability from osv_almalinux
Published
2026-06-10 00:00
Modified
2026-06-11 08:45
Summary
Important: .NET 10.0 security update
Details
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.
New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 10.0.109 and .NET Runtime 10.0.9.Security Fix(es):
- dotnet: .NET: Local file tampering via link following vulnerability (CVE-2026-45491)
- dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption (CVE-2026-45591)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References
| URL | Type | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "aspnetcore-runtime-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.9-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "aspnetcore-runtime-dbg-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.9-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "aspnetcore-targeting-pack-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.9-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.109-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-apphost-pack-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.9-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-host"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.9-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-hostfxr-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.9-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-runtime-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.9-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-runtime-dbg-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.9-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-sdk-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.109-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-sdk-10.0-source-built-artifacts"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.109-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-sdk-aot-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.109-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-sdk-dbg-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.109-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-targeting-pack-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.9-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "dotnet-templates-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.109-1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": ".NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. \n\nNew versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 10.0.109 and .NET Runtime 10.0.9.Security Fix(es): \n\n * dotnet: .NET: Local file tampering via link following vulnerability (CVE-2026-45491)\n * dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption (CVE-2026-45591)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
"id": "ALSA-2026:25114",
"modified": "2026-06-11T08:45:35Z",
"published": "2026-06-10T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2026:25114"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-45491"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-45591"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2487164"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2487224"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/8/ALSA-2026-25114.html"
}
],
"related": [
"CVE-2026-45491",
"CVE-2026-45591"
],
"summary": "Important: .NET 10.0 security update"
}
alsa-2026:25115
Vulnerability from osv_almalinux
Published
2026-06-10 00:00
Modified
2026-06-11 08:43
Summary
Important: .NET 10.0 security update
Details
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.
New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 10.0.109 and .NET Runtime 10.0.9.Security Fix(es):
- dotnet: .NET: Local file tampering via link following vulnerability (CVE-2026-45491)
- dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption (CVE-2026-45591)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References
| URL | Type | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "aspnetcore-runtime-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.9-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "aspnetcore-runtime-dbg-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.9-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "aspnetcore-targeting-pack-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.9-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-apphost-pack-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.9-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-host"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.9-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-hostfxr-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.9-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-runtime-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.9-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-runtime-dbg-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.9-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-sdk-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.109-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-sdk-10.0-source-built-artifacts"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.109-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-sdk-aot-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.109-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-sdk-dbg-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.109-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-targeting-pack-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.9-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "dotnet-templates-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.109-1.el10_2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": ".NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. \n\nNew versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 10.0.109 and .NET Runtime 10.0.9.Security Fix(es): \n\n * dotnet: .NET: Local file tampering via link following vulnerability (CVE-2026-45491)\n * dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption (CVE-2026-45591)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
"id": "ALSA-2026:25115",
"modified": "2026-06-11T08:43:02Z",
"published": "2026-06-10T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2026:25115"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-45491"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-45591"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2487164"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2487224"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/10/ALSA-2026-25115.html"
}
],
"related": [
"CVE-2026-45491",
"CVE-2026-45591"
],
"summary": "Important: .NET 10.0 security update"
}
alsa-2026:25220
Vulnerability from osv_almalinux
Published
2026-06-11 00:00
Modified
2026-06-12 09:45
Summary
Important: .NET 8.0 security update
Details
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.
New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.128 and .NET Runtime 8.0.28.Security Fix(es):
- dotnet: .NET: Local file tampering via link following vulnerability (CVE-2026-45491)
- dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption (CVE-2026-45591)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References
| URL | Type | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "aspnetcore-runtime-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.28-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "aspnetcore-runtime-dbg-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.28-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "aspnetcore-targeting-pack-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.28-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-apphost-pack-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.28-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-hostfxr-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.28-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-runtime-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.28-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-runtime-dbg-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.28-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-sdk-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.128-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-sdk-8.0-source-built-artifacts"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.128-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-sdk-dbg-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.128-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-targeting-pack-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.28-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-templates-8.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.128-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": ".NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. \n\nNew versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.128 and .NET Runtime 8.0.28.Security Fix(es): \n\n * dotnet: .NET: Local file tampering via link following vulnerability (CVE-2026-45491)\n * dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption (CVE-2026-45591)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
"id": "ALSA-2026:25220",
"modified": "2026-06-12T09:45:33Z",
"published": "2026-06-11T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2026:25220"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-45491"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-45591"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2487164"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2487224"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/9/ALSA-2026-25220.html"
}
],
"related": [
"CVE-2026-45491",
"CVE-2026-45591"
],
"summary": "Important: .NET 8.0 security update"
}
alsa-2026:25221
Vulnerability from osv_almalinux
Published
2026-06-11 00:00
Modified
2026-06-12 11:39
Summary
Important: .NET 9.0 security update
Details
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.
New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.118 and .NET Runtime 9.0.17.Security Fix(es):
- dotnet: .NET: Local file tampering via link following vulnerability (CVE-2026-45491)
- dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption (CVE-2026-45591)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References
| URL | Type | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "aspnetcore-runtime-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.17-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "aspnetcore-runtime-dbg-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.17-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "aspnetcore-targeting-pack-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.17-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-apphost-pack-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.17-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-hostfxr-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.17-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-runtime-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.17-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-runtime-dbg-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.17-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-sdk-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.118-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-sdk-9.0-source-built-artifacts"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.118-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-sdk-aot-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.118-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-sdk-dbg-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.118-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-targeting-pack-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.17-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-templates-9.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.118-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "netstandard-targeting-pack-2.1"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.118-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": ".NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. \n\nNew versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.118 and .NET Runtime 9.0.17.Security Fix(es): \n\n * dotnet: .NET: Local file tampering via link following vulnerability (CVE-2026-45491)\n * dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption (CVE-2026-45591)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
"id": "ALSA-2026:25221",
"modified": "2026-06-12T11:39:45Z",
"published": "2026-06-11T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2026:25221"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-45491"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-45591"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2487164"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2487224"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/9/ALSA-2026-25221.html"
}
],
"related": [
"CVE-2026-45491",
"CVE-2026-45591"
],
"summary": "Important: .NET 9.0 security update"
}
alsa-2026:25222
Vulnerability from osv_almalinux
Published
2026-06-11 00:00
Modified
2026-06-12 09:45
Summary
Important: .NET 10.0 security update
Details
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.
New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 10.0.109 and .NET Runtime 10.0.9.Security Fix(es):
- dotnet: .NET: Local file tampering via link following vulnerability (CVE-2026-45491)
- dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption (CVE-2026-45591)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References
| URL | Type | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "aspnetcore-runtime-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.9-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "aspnetcore-runtime-dbg-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.9-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "aspnetcore-targeting-pack-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.9-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-apphost-pack-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.9-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-host"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.9-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-hostfxr-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.9-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-runtime-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.9-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-runtime-dbg-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.9-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-sdk-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.109-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-sdk-10.0-source-built-artifacts"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.109-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-sdk-aot-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.109-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-sdk-dbg-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.109-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-targeting-pack-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.9-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "dotnet-templates-10.0"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.0.109-1.el9_8"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": ".NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. \n\nNew versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 10.0.109 and .NET Runtime 10.0.9.Security Fix(es): \n\n * dotnet: .NET: Local file tampering via link following vulnerability (CVE-2026-45491)\n * dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption (CVE-2026-45591)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
"id": "ALSA-2026:25222",
"modified": "2026-06-12T09:45:37Z",
"published": "2026-06-11T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2026:25222"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-45491"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-45591"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2487164"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2487224"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/9/ALSA-2026-25222.html"
}
],
"related": [
"CVE-2026-45491",
"CVE-2026-45591"
],
"summary": "Important: .NET 10.0 security update"
}
CERTFR-2026-AVI-0728
Vulnerability from certfr_avis - Published: 2026-06-10 - Updated: 2026-06-10
De multiples vulnérabilités ont été découvertes dans Microsoft Windows. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | Windows | Windows 10 Version 1809 pour systèmes x64 versions antérieures à 10.0.17763.8880 | ||
| Microsoft | Windows | Windows Server 2025 (Server Core installation) versions antérieures à 10.0.26100.32772 | ||
| Microsoft | Windows | Windows Server 2025 versions antérieures à 10.0.26100.32772 | ||
| Microsoft | Windows | Windows 11 Version 25H2 pour systèmes x64 versions antérieures à 10.0.26200.8655 | ||
| Microsoft | Windows | Windows 11 Version 24H2 pour systèmes ARM64 versions antérieures à 10.0.26100.8655 | ||
| Microsoft | Windows | Windows 10 Version 21H2 pour systèmes ARM64 versions antérieures à 10.0.19044.7417 | ||
| Microsoft | Windows | Windows Server 2012 versions antérieures à 6.2.9200.26132 | ||
| Microsoft | Windows | Windows 11 Version 26H1 pour systèmes ARM64 versions antérieures à 10.0.28000.2269 | ||
| Microsoft | Windows | Windows Server 2016 (Server Core installation) versions antérieures à 10.0.14393.9234 | ||
| Microsoft | Windows | Windows 10 Version 22H2 pour systèmes ARM64 versions antérieures à 10.0.19045.7417 | ||
| Microsoft | Windows | Windows Server 2012 R2 (Server Core installation) versions antérieures à 1.000 | ||
| Microsoft | Windows | Windows Server 2025 (Server Core installation) versions antérieures à 10.0.26100.8655 | ||
| Microsoft | Windows | Windows Server 2012 R2 (Server Core installation) versions antérieures à 6.3.9600.23228 | ||
| Microsoft | Windows | Windows Server 2016 versions antérieures à 10.0.14393.9234 | ||
| Microsoft | Windows | Windows 10 Version 1809 pour systèmes 32 bits versions antérieures à 10.0.17763.8880 | ||
| Microsoft | Windows | Windows 10 Version 22H2 pour systèmes x64 versions antérieures à 10.0.19045.7417 | ||
| Microsoft | Windows | Windows Server 2012 R2 versions antérieures à 6.3.9600.23228 | ||
| Microsoft | Windows | Remote Desktop client pour Windows Desktop versions antérieures à 1.2.7214.0 | ||
| Microsoft | Windows | Windows 11 Version 24H2 pour systèmes x64 versions antérieures à 10.0.26100.8655 | ||
| Microsoft | Windows | .NET 9.0 installé sur Windows versions antérieures à 9.0.17 | ||
| Microsoft | Windows | Windows 10 Version 22H2 pour systèmes 32 bits versions antérieures à 10.0.19045.7417 | ||
| Microsoft | Windows | .NET 10.0 installé sur Windows versions antérieures à 10.0.9 | ||
| Microsoft | Windows | Windows Server 2019 (Server Core installation) versions antérieures à 10.0.17763.8880 | ||
| Microsoft | Windows | Windows Server 2012 R2 versions antérieures à 1.000 | ||
| Microsoft | Windows | Windows Server, version 2004 (Server Core installation) antérieures à 10.0.19045.7417 | ||
| Microsoft | Windows | Windows 10 Version 21H2 pour systèmes x64 versions antérieures à 10.0.19044.7417 | ||
| Microsoft | Windows | Windows 11 Version 25H2 pour systèmes ARM64 versions antérieures à 10.0.26200.8655 | ||
| Microsoft | Windows | Windows Server 2022 (Server Core installation) versions antérieures à 10.0.20348.5256 | ||
| Microsoft | Windows | Windows Server 2025 versions antérieures à 10.0.26100.8655 | ||
| Microsoft | Windows | Windows 11 Version 25H2 pour systèmes ARM64 versions antérieures à 10.0.26200.8390 | ||
| Microsoft | Windows | Windows 11 Version 25H2 pour systèmes x64 versions antérieures à 10.0.26200.8390 | ||
| Microsoft | Windows | Windows 11 Version 24H2 pour systèmes ARM64 versions antérieures à 10.0.26100.8390 | ||
| Microsoft | Windows | Windows 10 Version 1607 pour systèmes x64 versions antérieures à 10.0.14393.9234 | ||
| Microsoft | Windows | Windows 10 Version 21H2 pour systèmes 32 bits versions antérieures à 10.0.19044.7417 | ||
| Microsoft | Windows | Windows 11 Version 22H2 pour systèmes ARM64 versions antérieures à 10.0.22631.7219 | ||
| Microsoft | Windows | Windows 11 Version 23H2 pour systèmes x64 versions antérieures à 10.0.22631.7219 | ||
| Microsoft | Windows | Windows App Client pour Windows Desktop versions antérieures à 2.0.1193.0 | ||
| Microsoft | Windows | .NET 8.0 installé sur Windows versions antérieures à 8.0.28 | ||
| Microsoft | Windows | Windows 11 Version 26H1 pour systèmes x64 - extra versions antérieures à 10.0.28000.2269 | ||
| Microsoft | Windows | Windows Server 2022 versions antérieures à 10.0.20348.5256 | ||
| Microsoft | Windows | Windows Narrator Braille | ||
| Microsoft | Windows | Windows Server 2012 (Server Core installation) versions antérieures à 6.2.9200.26132 | ||
| Microsoft | Windows | Windows 11 Version 23H2 pour systèmes ARM64 versions antérieures à 10.0.22631.7219 | ||
| Microsoft | Windows | Windows Server 2019 versions antérieures à 10.0.17763.8880 | ||
| Microsoft | Windows | Windows 11 version 26H1 pour systèmes x64 antérieures à 10.0.28000.2269 | ||
| Microsoft | Windows | Windows Server 2025 versions antérieures à 10.0.26100.32995 | ||
| Microsoft | Windows | Windows 11 Version 24H2 pour systèmes x64 versions antérieures à 10.0.26100.8390 | ||
| Microsoft | Windows | Windows 10 Version 1607 pour systèmes 32 bits versions antérieures à 10.0.14393.9234 | ||
| Microsoft | Windows | Windows Server 2025 (Server Core installation) versions antérieures à 10.0.26100.32995 | ||
| Microsoft | Windows | Windows 11 Version 22H2 pour systèmes x64 versions antérieures à 10.0.22631.7219 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.17763.8880",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2025 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.26100.32772",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2025 versions ant\u00e9rieures \u00e0 10.0.26100.32772",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 25H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.26200.8655",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 24H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.26100.8655",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.19044.7417",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 versions ant\u00e9rieures \u00e0 6.2.9200.26132",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 26H1 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.28000.2269",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.14393.9234",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.19045.7417",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 (Server Core installation) versions ant\u00e9rieures \u00e0 1.000",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2025 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.26100.8655",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 (Server Core installation) versions ant\u00e9rieures \u00e0 6.3.9600.23228",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016 versions ant\u00e9rieures \u00e0 10.0.14393.9234",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.17763.8880",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.19045.7417",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 versions ant\u00e9rieures \u00e0 6.3.9600.23228",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Remote Desktop client pour Windows Desktop versions ant\u00e9rieures \u00e0 1.2.7214.0",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 24H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.26100.8655",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": ".NET 9.0 install\u00e9 sur Windows versions ant\u00e9rieures \u00e0 9.0.17",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.19045.7417",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": ".NET 10.0 install\u00e9 sur Windows versions ant\u00e9rieures \u00e0 10.0.9",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.17763.8880",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 versions ant\u00e9rieures \u00e0 1.000",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server, version 2004 (Server Core installation) ant\u00e9rieures \u00e0 10.0.19045.7417",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.19044.7417",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 25H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.26200.8655",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.20348.5256",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2025 versions ant\u00e9rieures \u00e0 10.0.26100.8655",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 25H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.26200.8390",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 25H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.26200.8390",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 24H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.26100.8390",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.14393.9234",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.19044.7417",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 22H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.22631.7219",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 23H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.22631.7219",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows App Client pour Windows Desktop versions ant\u00e9rieures \u00e0 2.0.1193.0",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": ".NET 8.0 install\u00e9 sur Windows versions ant\u00e9rieures \u00e0 8.0.28",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 26H1 pour syst\u00e8mes x64 - extra versions ant\u00e9rieures \u00e0 10.0.28000.2269",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022 versions ant\u00e9rieures \u00e0 10.0.20348.5256",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Narrator Braille",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 (Server Core installation) versions ant\u00e9rieures \u00e0 6.2.9200.26132",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 23H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.22631.7219",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019 versions ant\u00e9rieures \u00e0 10.0.17763.8880",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 version 26H1 pour syst\u00e8mes x64 ant\u00e9rieures \u00e0 10.0.28000.2269",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2025 versions ant\u00e9rieures \u00e0 10.0.26100.32995",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 24H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.26100.8390",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.14393.9234",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2025 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.26100.32995",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 22H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.22631.7219",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-45596",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45596"
},
{
"name": "CVE-2026-42907",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42907"
},
{
"name": "CVE-2026-42913",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42913"
},
{
"name": "CVE-2026-33828",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33828"
},
{
"name": "CVE-2026-42903",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42903"
},
{
"name": "CVE-2026-42972",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42972"
},
{
"name": "CVE-2026-45487",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45487"
},
{
"name": "CVE-2026-44805",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44805"
},
{
"name": "CVE-2026-44803",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44803"
},
{
"name": "CVE-2026-45607",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45607"
},
{
"name": "CVE-2026-42968",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42968"
},
{
"name": "CVE-2026-45600",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45600"
},
{
"name": "CVE-2026-42906",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42906"
},
{
"name": "CVE-2026-42970",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42970"
},
{
"name": "CVE-2026-42984",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42984"
},
{
"name": "CVE-2026-45604",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45604"
},
{
"name": "CVE-2026-41092",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41092"
},
{
"name": "CVE-2026-44811",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44811"
},
{
"name": "CVE-2026-45603",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45603"
},
{
"name": "CVE-2026-41108",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41108"
},
{
"name": "CVE-2026-44812",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44812"
},
{
"name": "CVE-2026-44809",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44809"
},
{
"name": "CVE-2026-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42916"
},
{
"name": "CVE-2026-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42915"
},
{
"name": "CVE-2026-42971",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42971"
},
{
"name": "CVE-2026-45658",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45658"
},
{
"name": "CVE-2026-45591",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45591"
},
{
"name": "CVE-2026-42910",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42910"
},
{
"name": "CVE-2026-45592",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45592"
},
{
"name": "CVE-2026-45598",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45598"
},
{
"name": "CVE-2026-45597",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45597"
},
{
"name": "CVE-2026-45655",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45655"
},
{
"name": "CVE-2026-45654",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45654"
},
{
"name": "CVE-2026-48574",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48574"
},
{
"name": "CVE-2026-45602",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45602"
},
{
"name": "CVE-2026-48576",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48576"
},
{
"name": "CVE-2026-45639",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45639"
},
{
"name": "CVE-2026-45634",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45634"
},
{
"name": "CVE-2026-45594",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45594"
},
{
"name": "CVE-2026-42912",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42912"
},
{
"name": "CVE-2026-44804",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44804"
},
{
"name": "CVE-2026-42908",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42908"
},
{
"name": "CVE-2026-50508",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-50508"
},
{
"name": "CVE-2026-42829",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42829"
},
{
"name": "CVE-2026-48575",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48575"
},
{
"name": "CVE-2026-34335",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34335"
},
{
"name": "CVE-2026-42978",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42978"
},
{
"name": "CVE-2026-47654",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47654"
},
{
"name": "CVE-2026-45653",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45653"
},
{
"name": "CVE-2026-45642",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45642"
},
{
"name": "CVE-2026-42911",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42911"
},
{
"name": "CVE-2026-42905",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42905"
},
{
"name": "CVE-2026-45586",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45586"
},
{
"name": "CVE-2026-42837",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42837"
},
{
"name": "CVE-2026-44810",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44810"
},
{
"name": "CVE-2026-44807",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44807"
},
{
"name": "CVE-2026-44801",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44801"
},
{
"name": "CVE-2026-42973",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42973"
},
{
"name": "CVE-2026-42979",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42979"
},
{
"name": "CVE-2025-10263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10263"
},
{
"name": "CVE-2026-45608",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45608"
},
{
"name": "CVE-2026-42983",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42983"
},
{
"name": "CVE-2026-48570",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48570"
},
{
"name": "CVE-2026-42977",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42977"
},
{
"name": "CVE-2026-47656",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47656"
},
{
"name": "CVE-2026-42989",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42989"
},
{
"name": "CVE-2026-40409",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40409"
},
{
"name": "CVE-2026-45606",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45606"
},
{
"name": "CVE-2026-42828",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42828"
},
{
"name": "CVE-2026-45640",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45640"
},
{
"name": "CVE-2026-47648",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47648"
},
{
"name": "CVE-2026-45636",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45636"
},
{
"name": "CVE-2026-48565",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48565"
},
{
"name": "CVE-2026-42836",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42836"
},
{
"name": "CVE-2026-42974",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42974"
},
{
"name": "CVE-2026-42980",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42980"
},
{
"name": "CVE-2026-45656",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45656"
},
{
"name": "CVE-2026-45637",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45637"
},
{
"name": "CVE-2026-47288",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47288"
},
{
"name": "CVE-2026-42904",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42904"
},
{
"name": "CVE-2026-45599",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45599"
},
{
"name": "CVE-2026-44799",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44799"
},
{
"name": "CVE-2026-45638",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45638"
},
{
"name": "CVE-2026-42981",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42981"
},
{
"name": "CVE-2026-42991",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42991"
},
{
"name": "CVE-2026-45593",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45593"
},
{
"name": "CVE-2026-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45490"
},
{
"name": "CVE-2026-48573",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48573"
},
{
"name": "CVE-2026-44808",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44808"
},
{
"name": "CVE-2026-48566",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48566"
},
{
"name": "CVE-2026-45601",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45601"
},
{
"name": "CVE-2026-44802",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44802"
},
{
"name": "CVE-2026-42992",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42992"
},
{
"name": "CVE-2026-44813",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44813"
},
{
"name": "CVE-2026-45605",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45605"
},
{
"name": "CVE-2026-40404",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40404"
},
{
"name": "CVE-2026-50507",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-50507"
},
{
"name": "CVE-2026-47289",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47289"
},
{
"name": "CVE-2026-45635",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45635"
},
{
"name": "CVE-2026-42986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42986"
},
{
"name": "CVE-2026-44815",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44815"
},
{
"name": "CVE-2026-44814",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44814"
},
{
"name": "CVE-2026-45641",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45641"
},
{
"name": "CVE-2026-42993",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42993"
},
{
"name": "CVE-2026-8863",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8863"
},
{
"name": "CVE-2026-48568",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48568"
},
{
"name": "CVE-2026-48563",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48563"
},
{
"name": "CVE-2026-42987",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42987"
},
{
"name": "CVE-2026-49160",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-49160"
},
{
"name": "CVE-2026-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45491"
},
{
"name": "CVE-2026-48583",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48583"
},
{
"name": "CVE-2026-45657",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45657"
},
{
"name": "CVE-2026-48578",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48578"
},
{
"name": "CVE-2026-42914",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42914"
},
{
"name": "CVE-2026-45648",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45648"
},
{
"name": "CVE-2026-47653",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47653"
},
{
"name": "CVE-2026-45588",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45588"
},
{
"name": "CVE-2026-42909",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42909"
},
{
"name": "CVE-2026-42969",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42969"
},
{
"name": "CVE-2026-47652",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47652"
},
{
"name": "CVE-2026-45595",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45595"
},
{
"name": "CVE-2026-42985",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42985"
},
{
"name": "CVE-2026-47291",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47291"
}
],
"initial_release_date": "2026-06-10T00:00:00",
"last_revision_date": "2026-06-10T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0728",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-06-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Windows. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Windows",
"vendor_advisories": [
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-48563",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48563"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42978",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42978"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-47291",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47291"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-40404",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40404"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42909",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42909"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45608",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45608"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42971",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42971"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42979",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42979"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42904",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42904"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42973",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42973"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-44804",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44804"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42977",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42977"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42974",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42974"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42993",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42993"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45656",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45656"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45658",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45658"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42828",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42828"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45586",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45586"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45602",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45602"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42915",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42915"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45588",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45588"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45605",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45605"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42987",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42987"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42914",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42914"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-48573",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48573"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45599",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45599"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45592",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45592"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42906",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42906"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-50507",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50507"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42980",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42980"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-44815",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44815"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-8863",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8863"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-44814",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44814"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42969",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42969"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45642",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45642"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-33828",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33828"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-44813",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44813"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-44799",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44799"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42837",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42837"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-47653",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47653"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45635",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45635"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42905",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42905"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-10263",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-10263"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-44809",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44809"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42985",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42985"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45607",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45607"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42984",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42984"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42829",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42829"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45637",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45637"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42916",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42916"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45593",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45593"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45654",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45654"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42910",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42910"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45653",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45653"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-48570",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48570"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-48565",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48565"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-47289",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47289"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42911",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42911"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45603",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45603"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42912",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42912"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-47652",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47652"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45600",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45600"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-41092",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41092"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45594",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45594"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-47648",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47648"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45596",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45596"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45639",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45639"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-44807",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44807"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42981",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42981"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-44811",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44811"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42989",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42989"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-47656",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47656"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45648",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45648"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42972",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42972"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45595",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45595"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-50508",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50508"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-44810",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44810"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45597",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45597"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42908",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42908"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-47654",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47654"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45490",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45490"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45591",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45591"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42992",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42992"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-44802",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44802"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-48575",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48575"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45634",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45634"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-48578",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48578"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-48583",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48583"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-40409",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40409"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-41108",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41108"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45655",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45655"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-48576",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48576"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45487",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45487"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45657",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45657"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42968",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42968"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-34335",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34335"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42991",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42991"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45640",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45640"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-44803",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44803"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-48566",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48566"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42913",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42913"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42903",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42903"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-44808",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44808"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45598",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45598"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-48568",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48568"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-47288",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47288"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45641",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45641"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42970",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42970"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42983",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42983"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42836",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42836"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45606",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45606"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42907",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42907"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45638",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45638"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-44805",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44805"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-44801",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44801"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45491",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45491"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45636",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45636"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-49160",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-49160"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45604",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45604"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-44812",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44812"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-48574",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48574"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-45601",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45601"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42986",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42986"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…