vulnerability
Red Hat: CVE-2025-30399: dotnet: .NET Remote Code Vulnerability (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:H/Au:N/C:C/I:C/A:C) | Jun 10, 2025 | Jun 12, 2025 | Jun 12, 2026 |
Severity
8
CVSS
(AV:N/AC:H/Au:N/C:C/I:C/A:C)
Published
Jun 10, 2025
Added
Jun 12, 2025
Modified
Jun 12, 2026
Description
A remote code execution vulnerability in .NET 8.0 and 9.0. An attacker who can place malicious files in specific locations may trigger unintended code execution when the .NET runtime loads these files.
Solutions
redhat-upgrade-aspnetcore-runtime-8-0redhat-upgrade-aspnetcore-runtime-9-0redhat-upgrade-aspnetcore-runtime-dbg-8-0redhat-upgrade-aspnetcore-runtime-dbg-9-0redhat-upgrade-aspnetcore-targeting-pack-8-0redhat-upgrade-aspnetcore-targeting-pack-9-0redhat-upgrade-dotnetredhat-upgrade-dotnet-apphost-pack-8-0redhat-upgrade-dotnet-apphost-pack-8-0-debuginforedhat-upgrade-dotnet-apphost-pack-9-0redhat-upgrade-dotnet-apphost-pack-9-0-debuginforedhat-upgrade-dotnet-hostredhat-upgrade-dotnet-host-debuginforedhat-upgrade-dotnet-hostfxr-8-0redhat-upgrade-dotnet-hostfxr-8-0-debuginforedhat-upgrade-dotnet-hostfxr-9-0redhat-upgrade-dotnet-hostfxr-9-0-debuginforedhat-upgrade-dotnet-runtime-8-0redhat-upgrade-dotnet-runtime-8-0-debuginforedhat-upgrade-dotnet-runtime-9-0redhat-upgrade-dotnet-runtime-9-0-debuginforedhat-upgrade-dotnet-runtime-dbg-8-0redhat-upgrade-dotnet-runtime-dbg-9-0redhat-upgrade-dotnet-sdk-8-0redhat-upgrade-dotnet-sdk-8-0-debuginforedhat-upgrade-dotnet-sdk-8-0-source-built-artifactsredhat-upgrade-dotnet-sdk-9-0redhat-upgrade-dotnet-sdk-9-0-debuginforedhat-upgrade-dotnet-sdk-9-0-source-built-artifactsredhat-upgrade-dotnet-sdk-aot-9-0redhat-upgrade-dotnet-sdk-aot-9-0-debuginforedhat-upgrade-dotnet-sdk-dbg-8-0redhat-upgrade-dotnet-sdk-dbg-9-0redhat-upgrade-dotnet-targeting-pack-8-0redhat-upgrade-dotnet-targeting-pack-9-0redhat-upgrade-dotnet-templates-8-0redhat-upgrade-dotnet-templates-9-0redhat-upgrade-dotnet8-0-debuginforedhat-upgrade-dotnet8-0-debugsourceredhat-upgrade-dotnet9-0-debuginforedhat-upgrade-dotnet9-0-debugsourceredhat-upgrade-netstandard-targeting-pack-2-1
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.