Home
HIGH: 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10.0.0 (custom) before 10.0.6
affected
8.0.0 (custom) before 8.0.29
affected
9.0.0 (custom) before 9.0.18
affected
17.12.0 (custom) before 17.12.22
affected
17.14.0 (custom) before 17.14.36
affected
18.0 (custom) before 18.7.4
affected
Description
Improper link resolution before file access ('link following') in .NET allows an authorized attacker to perform tampering locally.
Problem types
CWE-59: Improper Link Resolution Before File Access ('Link Following')
CWE-345: Insufficient Verification of Data Authenticity
Product status
References
msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50526 (.NET Tampering Vulnerability)