High severity7.0NVD Advisory· Published Jul 8, 2025· Updated Apr 15, 2026

CVE-2025-7326

Description

Weak authentication in EOL ASP.NET Core allows an unauthorized attacker to elevate privileges over a network.

NOTE: This CVE affects only End Of Life (EOL) software components. The vendor, Microsoft, has indicated there will be no future updates nor support provided upon inquiry.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24070nvd
www.cve.org/CVERecordnvd
www.herodevs.com/vulnerability-directory/cve-2025-7326nvd
www.herodevs.com/vulnerability-directory/cve-2025-7326nvd

News mentions

No linked articles in our index yet.

cvss	0.455
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000