CVE-2026-26171

Versions sourced from the GitHub Security Advisory.

• Dotnet/RuntimeGHSA

  Range: >= 8.0.0, <= 8.0.2
• Microsoft/Net

  cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*

  Range: >=10.0.0,<10.0.6
• Microsoft/Powershell

  cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*

  Range: >=7.5,<7.5.6

No patches discovered yet.

AI mechanics synthesis has not run for this CVE yet.

• github.com/advisories/GHSA-w3x6-4m5h-cxqfghsaADVISORY
• msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26171nvdVendor AdvisoryWEB
• nvd.nist.gov/vuln/detail/CVE-2026-26171ghsaADVISORY
• github.com/dotnet/announcements/issues/389ghsaWEB
• github.com/dotnet/runtime/security/advisories/GHSA-w3x6-4m5h-cxqfghsaWEB

• In Other News: Big Tech vs Canada Encryption Bill, Cisco’s Free AI Security Spec, Audi App Flaws
  SecurityWeek · May 15, 2026
• Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence
  The Hacker News · May 15, 2026
• Living Off the Pipeline: Defending Against CI/CD Subversion
  SentinelOne Labs · May 15, 2026
• Akamai to acquire LayerX for $205 million
  Help Net Security · May 15, 2026
• What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface
  The Hacker News · May 15, 2026
• Keycard helps developers secure autonomous AI agents with scoped access
  Help Net Security · May 15, 2026
• The time of much patching is coming
  Cisco Talos Intelligence · May 14, 2026
• Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets
  The Hacker News · May 14, 2026
• ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories
  The Hacker News · May 14, 2026
• KongTuke hackers now use Microsoft Teams for corporate breaches
  BleepingComputer · May 14, 2026
• Microsoft’s WinUI agent plugin trims token use by over 70% during development
  Help Net Security · May 14, 2026
• FrostyNeighbor: Fresh mischief and digital shenanigans
  ESET WeLiveSecurity · May 14, 2026
• Iranian hackers targeted major South Korean electronics maker
  BleepingComputer · May 13, 2026
• Sweet Security Launches Agentic AI Red Teaming to Counter ‘Mythos Moment’
  SecurityWeek · May 13, 2026
• When IT Support Calls: Dissecting a ModeloRAT Campaign from Teams to Domain Compromise
  Rapid7 Blog · May 13, 2026
• Fedora Hummingbird brings the container security model to a Linux host OS
  Help Net Security · May 12, 2026
• SAP unveils Autonomous Enterprise for AI-driven business operations
  Help Net Security · May 12, 2026
• New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots
  The Hacker News · May 12, 2026
• Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages
  The Hacker News · May 12, 2026
• TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack
  SecurityWeek · May 12, 2026
• State-sponsored actors, better known as the friends you don’t want
  Cisco Talos Intelligence · May 12, 2026
• Cookie thieves caught stealing dev secrets via fake Claude Code installers
  The Register Security · May 11, 2026
• Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation
  The Hacker News · May 11, 2026
• Build Application Firewalls Aim to Stop the Next Supply Chain Attack
  SecurityWeek · May 11, 2026
• Linux developers weigh emergency “killswitch” for vulnerable kernel functions
  Help Net Security · May 11, 2026
• Final Countdown: Last Chance to Join the Rapid7 Global Cybersecurity Summit
  Rapid7 Blog · May 11, 2026
• ⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More
  The Hacker News · May 11, 2026
• Cyber Espionage Group Targets Aviation Firms to Steal Map Data
  Dark Reading · May 11, 2026
• TrickMo Android banker adopts TON blockchain for covert comms
  BleepingComputer · May 11, 2026
• Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads
  The Hacker News · May 11, 2026
• A week in security (May 4 &#8211; May 10)
  Malwarebytes Labs · May 11, 2026
• Rustinel: Open-source endpoint detection for Windows and Linux
  Help Net Security · May 11, 2026
• Week in review: cPanel vulnerability actively exploited, DigiCert breach, LinkedIn job scams
  Help Net Security · May 10, 2026
• Fake OpenAI repository on Hugging Face pushes infostealer malware
  BleepingComputer · May 9, 2026
• Zero Chaos: Scaling Detection Engineering at the Speed of Software, with Detection As Code
  Rapid7 Blog · May 8, 2026
• Snyk integrates Claude to advance AI-native application security
  Help Net Security · May 8, 2026
• Australia warns of ClickFix attacks pushing Vidar Stealer malware
  BleepingComputer · May 7, 2026
• Why Security in 2026 Requires Continuous Threat and Exposure Management (CTEM) at Scale
  Rapid7 Blog · May 7, 2026
• How Cloudflare responded to the “Copy Fail” Linux vulnerability
  Cloudflare Blog · May 7, 2026
• ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts and 25+ New Stories
  The Hacker News · May 7, 2026
• Open-source MCP server monitoring for Python apps
  Help Net Security · May 7, 2026
• Sysdig delivers cloud security that runs inside AI coding agents
  Help Net Security · May 6, 2026
• MuddyWater hackers use Chaos ransomware as a decoy in attacks
  BleepingComputer · May 6, 2026
• Muddying the Tracks: The State-Sponsored Shadow Behind Chaos Ransomware
  Rapid7 Blog · May 6, 2026
• MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack
  The Hacker News · May 6, 2026
• Attackers adopt JavaScript runtime Bun to spread NWHStealer
  Malwarebytes Labs · May 6, 2026
• Your AI Agents Are Already Inside the Perimeter. Do You Know What They're Doing?
  The Hacker News · May 6, 2026
• Windows Phone Link Exploited by CloudZ RAT to Steal Credentials and OTPs
  The Hacker News · May 6, 2026
• ServiceNow clears agents for landing with new AI control tower
  The Register Security · May 5, 2026
• Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE
  The Hacker News · May 5, 2026