NuGet package
microsoft.build.tasks.core
pkg:nuget/microsoft.build.tasks.core
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-55247 | — | >= 17.15.0-preview-25277-114, < 18.0.0-preview-25476-107 | 18.0.0-preview-25476-107 | Oct 14, 2025 | Improper link resolution before file access ('link following') in .NET allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-26646 | — | >= 15.8.166, < 15.9.30 | 15.9.30 | May 13, 2025 | External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network. |
- CVE-2025-55247Oct 14, 2025affected >= 17.15.0-preview-25277-114, < 18.0.0-preview-25476-107fixed 18.0.0-preview-25476-107
Improper link resolution before file access ('link following') in .NET allows an authorized attacker to elevate privileges locally.
- CVE-2025-26646May 13, 2025affected >= 15.8.166, < 15.9.30fixed 15.9.30
External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network.