Dismissed
(no matching packages found)
Permalink
CVE-2026-50646
7.8 HIGH
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Local (L)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): None (N)
- User Interaction (UI): Required (R)
- Scope (S): Unchanged (U)
- Confidentiality (C): High (H)
- Integrity (I): High (H)
- Availability (A): High (H)
- Exploit Code Maturity (E): Unproven (U)
- Remediation Level (RL): Official Fix (O)
- Report Confidence (RC): Confirmed (C)
- Modified Attack Vector (MAV): Local (L)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): Required (R)
- Modified Confidentiality (MC): High (H)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): High (H)
- Modified Availability (MA): High (H)
Activity log
- Created & dismissed (no matching packages found) suggestion
.NET Framework Remote Code Execution Vulnerability
Protection mechanism failure in .NET Framework allows an unauthorized attacker to execute code locally.
References
Affected products
.NET 8.0
- <8.0.29
.NET 9.0
- <9.0.18
Microsoft .NET Framework 3.5
- <2.0.50727.8983 & 3.0.30729.8978
Microsoft .NET Framework 4.8
- <4.8.4803.0
Microsoft .NET Framework 3.5 AND 4.8
- <2.0.50727.9069 & 3.0.30729.9067 & 4.8.4803.0
Microsoft .NET Framework 3.5 AND 4.7.2
- <2.0.50727.8983 & 3.0.30729.8978 & 4.7.4143.0
Microsoft .NET Framework 3.5 AND 4.8.1
- <2.0.50727.9182 & 3.0.30729.9168 & 4.8.9339.0
Microsoft Visual Studio 2026 version 18.7
- <18.7.4
Microsoft Visual Studio 2022 version 17.12
- <17.12.22
Microsoft Visual Studio 2022 version 17.14
- <17.14.36
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2
- <4.7.4143.0