Home
HIGH: 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N/E:U/RL:O/RC:C 10.0.0 (custom) before 10.0.6
affected
8.0.0 (custom) before 8.0.29
affected
9.0.0 (custom) before 9.0.18
affected
17.12.0 (custom) before 17.12.22
affected
17.14.0 (custom) before 17.14.36
affected
18.0 (custom) before 18.7.4
affected
Description
Incorrect authorization in .NET allows an unauthorized attacker to bypass a security feature over a network.
Problem types
CWE-863: Incorrect Authorization
CWE-302: Authentication Bypass by Assumed-Immutable Data
CWE-636: Not Failing Securely ('Failing Open')
Product status
References
msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50528 (.NET Security Feature Bypass Vulnerability)