Sign in Subscribe

← All advisories

Unrated severityNVD Advisory· Published Apr 8, 2025· Updated Feb 13, 2026

ASP.NET Core and Visual Studio Denial of Service Vulnerability

CVE-2025-26682

Description

Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.

Affected products

8

Microsoft/Asp.netllm-fuzzy
osv-coords
pkg:bitnami/aspnet-core
Range: >= 8.0.0, < 8.0.15
Microsoft/ASP.NET Core 8.0v5
Range: 8.0
Microsoft/ASP.NET Core 9.0v5
Range: 9.0
Microsoft/Microsoft Visual Studio 2022 version 17.10v5
Range: 17.10.0
Microsoft/Microsoft Visual Studio 2022 version 17.12v5
Range: 17.12.0
Microsoft/Microsoft Visual Studio 2022 version 17.13v5
Range: 17.13.0
Microsoft/Microsoft Visual Studio 2022 version 17.8v5
Range: 17.8.0

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26682mitrevendor-advisorypatch

News mentions

0

No linked articles in our index yet.