Asp.net core

This hub aggregates every CVE we track for Asp.net core, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Asp.net core.

• CVE-2026-45591ASP.NET Core Denial of Service Vulnerability7.5Jun 9, 2026
• CVE-2026-40372ASP.NET Core Elevation of Privilege Vulnerability9.1Apr 21, 2026
• CVE-2026-26130ASP.NET Core Denial of Service Vulnerability7.5Mar 10, 2026
• CVE-2025-55315ASP.NET Security Feature Bypass Vulnerability9.9Oct 14, 2025
• CVE-2025-26682ASP.NET Core and Visual Studio Denial of Service Vulnerability7.5Apr 8, 2025
• CVE-2025-24070ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability7.0Mar 11, 2025
• CVE-2024-21404.NET Denial of Service Vulnerability7.5Feb 13, 2024
• CVE-2024-21386.NET Denial of Service Vulnerability7.5Feb 13, 2024
• CVE-2023-36038ASP.NET Core Denial of Service Vulnerability8.2Nov 14, 2023
• CVE-2023-36558ASP.NET Core Security Feature Bypass Vulnerability6.2Nov 14, 2023
• CVE-2023-44487The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.KEV7.5Oct 10, 2023
• CVE-2023-38180.NET and Visual Studio Denial of Service VulnerabilityKEV7.5Aug 8, 2023
• CVE-2023-35391ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability6.2Aug 8, 2023
• CVE-2022-21986.NET Denial of Service Vulnerability7.5Feb 9, 2022
• CVE-2021-43877ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability8.8Dec 15, 2021