vulnerability

Red Hat: CVE-2026-26130: asp.net: ASP.NET Core: Denial of Service via uncontrolled resource allocation (Multiple Advisories)

Try Surface Command
Back to search
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Mar 10, 2026
Added
Mar 13, 2026
Modified
Mar 27, 2026

Description

Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.

Solutions

redhat-upgrade-aspnetcore-runtime-10-0redhat-upgrade-aspnetcore-runtime-8-0redhat-upgrade-aspnetcore-runtime-9-0redhat-upgrade-aspnetcore-runtime-dbg-10-0redhat-upgrade-aspnetcore-runtime-dbg-8-0redhat-upgrade-aspnetcore-runtime-dbg-9-0redhat-upgrade-aspnetcore-targeting-pack-10-0redhat-upgrade-aspnetcore-targeting-pack-8-0redhat-upgrade-aspnetcore-targeting-pack-9-0redhat-upgrade-dotnetredhat-upgrade-dotnet-apphost-pack-10-0redhat-upgrade-dotnet-apphost-pack-10-0-debuginforedhat-upgrade-dotnet-apphost-pack-8-0redhat-upgrade-dotnet-apphost-pack-8-0-debuginforedhat-upgrade-dotnet-apphost-pack-9-0redhat-upgrade-dotnet-apphost-pack-9-0-debuginforedhat-upgrade-dotnet-hostredhat-upgrade-dotnet-host-debuginforedhat-upgrade-dotnet-hostfxr-10-0redhat-upgrade-dotnet-hostfxr-10-0-debuginforedhat-upgrade-dotnet-hostfxr-8-0redhat-upgrade-dotnet-hostfxr-8-0-debuginforedhat-upgrade-dotnet-hostfxr-9-0redhat-upgrade-dotnet-hostfxr-9-0-debuginforedhat-upgrade-dotnet-runtime-10-0redhat-upgrade-dotnet-runtime-10-0-debuginforedhat-upgrade-dotnet-runtime-8-0redhat-upgrade-dotnet-runtime-8-0-debuginforedhat-upgrade-dotnet-runtime-9-0redhat-upgrade-dotnet-runtime-9-0-debuginforedhat-upgrade-dotnet-runtime-dbg-10-0redhat-upgrade-dotnet-runtime-dbg-8-0redhat-upgrade-dotnet-runtime-dbg-9-0redhat-upgrade-dotnet-sdk-10-0redhat-upgrade-dotnet-sdk-10-0-debuginforedhat-upgrade-dotnet-sdk-10-0-source-built-artifactsredhat-upgrade-dotnet-sdk-8-0redhat-upgrade-dotnet-sdk-8-0-debuginforedhat-upgrade-dotnet-sdk-8-0-source-built-artifactsredhat-upgrade-dotnet-sdk-9-0redhat-upgrade-dotnet-sdk-9-0-debuginforedhat-upgrade-dotnet-sdk-9-0-source-built-artifactsredhat-upgrade-dotnet-sdk-aot-10-0redhat-upgrade-dotnet-sdk-aot-10-0-debuginforedhat-upgrade-dotnet-sdk-aot-9-0redhat-upgrade-dotnet-sdk-aot-9-0-debuginforedhat-upgrade-dotnet-sdk-dbg-10-0redhat-upgrade-dotnet-sdk-dbg-8-0redhat-upgrade-dotnet-sdk-dbg-9-0redhat-upgrade-dotnet-targeting-pack-10-0redhat-upgrade-dotnet-targeting-pack-8-0redhat-upgrade-dotnet-targeting-pack-9-0redhat-upgrade-dotnet-templates-10-0redhat-upgrade-dotnet-templates-8-0redhat-upgrade-dotnet-templates-9-0redhat-upgrade-dotnet10-0-debuginforedhat-upgrade-dotnet10-0-debugsourceredhat-upgrade-dotnet8-0-debuginforedhat-upgrade-dotnet8-0-debugsourceredhat-upgrade-dotnet9-0-debuginforedhat-upgrade-dotnet9-0-debugsourceredhat-upgrade-netstandard-targeting-pack-2-1

References

    Title
    NEW

    Explore Exposure Command

    Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

    Try it today