CVE-2026-26127

HIGH7.5EPSS 0.10%

.NET Denial of Service Vulnerability

發布日:2026/3/11修改日:2026/4/6

也稱為:GHSA-73j8-2gch-69rqBIT-dotnet-2026-26127BIT-dotnet-sdk-2026-26127

描述

Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network.

受影響套件(15)

Bitnami/dotnet>= 9.0.0, < 9.0.14, >= 10.0.0, < 10.0.4
Bitnami/dotnet-sdk>= 9.0.0, < 9.0.14, >= 10.0.0, < 10.0.4
NuGet/Microsoft.Bcl.Memory>= 9.0.0, < 9.0.14
NuGet/Microsoft.NetCore.App.Runtime.linux-arm>= 9.0.0, < 9.0.14
NuGet/Microsoft.NetCore.App.Runtime.linux-arm64>= 9.0.0, < 9.0.14
NuGet/Microsoft.NetCore.App.Runtime.linux-musl-arm>= 9.0.0, < 9.0.14
NuGet/Microsoft.NetCore.App.Runtime.linux-musl-arm64>= 9.0.0, < 9.0.14
NuGet/Microsoft.NetCore.App.Runtime.linux-musl-x64>= 9.0.0, < 9.0.14
NuGet/Microsoft.NetCore.App.Runtime.linux-x64>= 9.0.0, < 9.0.14
NuGet/Microsoft.NetCore.App.Runtime.osx-arm64>= 9.0.0, < 9.0.14
NuGet/Microsoft.NetCore.App.Runtime.osx-x64>= 9.0.0, < 9.0.14
NuGet/Microsoft.NetCore.App.Runtime.win-arm>= 9.0.0, < 9.0.14
NuGet/Microsoft.NetCore.App.Runtime.win-arm64>= 9.0.0, < 9.0.14
NuGet/Microsoft.NetCore.App.Runtime.win-x64>= 9.0.0, < 9.0.14
NuGet/Microsoft.NetCore.App.Runtime.win-x86>= 9.0.0, < 9.0.14

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	HIGH7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

參考連結(4)