CVE-2026-32175
.NET Core Tampering Vulnerability
CVSS Score
4.3
EPSS Score
0.0%
EPSS Percentile
0th
A tampering vulnerability exists when .NET Core improperly handles specially crafted files. An attacker who successfully exploited this vulnerability could write arbitrary files and directories to certain locations on a vulnerable system. However, an attacker would have limited control over the destination of the files and directories. To exploit the vulnerability, an attacker must send a specially crafted file to a vulnerable system. The security update fixes the vulnerability by ensuring .NET Core properly handles files.
| Vendor | microsoft |
| Product | .net 10.0 |
| Ecosystems | |
| Industries | TechnologyEnterprise |
| Published | May 12, 2026 |
| Last Updated | May 13, 2026 |
Stay Ahead of the Next One
Get instant alerts for microsoft .net 10.0
Be the first to know when new medium vulnerabilities affecting microsoft .net 10.0 are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
Microsoft / .NET 10.0
10.0.0 < 10.0.8
Microsoft / .NET 8.0
8.0.0 < 8.0.27
Microsoft / .NET 9.0
9.0.0 < 9.0.16
Microsoft / Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)
15.9.0 < 15.9.80
Microsoft / Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)
16.11.0 < 16.11.56
Microsoft / Microsoft Visual Studio 2022 version 17.12
17.12.0 < 17.12.20
Microsoft / Microsoft Visual Studio 2022 version 17.14
17.14.0 < 17.14.31
Microsoft / Microsoft Visual Studio 2026 version 18.5
18.5.0 < 18.5.3