Skip to content
The Nexus
DossierENTITY

ASP.NET Core

Coverage of ASP.NET Core in the Nexus archive.

Earliest in view: Apr 22 · 08:08 UTCMost recent: Apr 22 · 19:32 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYApr 22 · 19:32 UTCARS TECHNICA
    Microsoft issues emergency update for macOS and Linux ASP.NET threat

    Microsoft released an emergency patch for a high-severity vulnerability (CVE-2026-40372) in ASP.NET Core, which could allow unauthenticated attackers to gain SYSTEM privileges on macOS and Linux devices. The flaw stems from a cryptographic signature verification error in the Microsoft.AspNetCore.DataProtection NuGet package, and even after patching, forged credentials may persist if not manually purged.

  • SECURITYApr 22 · 09:29 UTCTHE HACKER NEWS
    Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug

    Microsoft has released out-of-band updates to fix a critical privilege escalation vulnerability in ASP.NET Core, tracked as CVE-2026-40372 with a CVSS score of 9.1. The flaw, rated Important, was discovered by an anonymous researcher and involves improper verification of cryptographic mechanisms.

  • SECURITYApr 22 · 08:08 UTCBLEEPING COMPUTER
    Microsoft releases emergency patches for critical ASP.NET flaw

    Microsoft has released emergency out-of-band security patches to address a critical privilege escalation vulnerability in ASP.NET Core. The update aims to prevent potential exploitation of the flaw, which could allow attackers to escalate privileges.

ASP.NET Core · Dossier · The Nexus