Home
HIGH: 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 8.0.0 (custom) before 8.0.29
affected
9.0.0 (custom) before 9.0.18
affected
3.5.0 (custom) before 2.0.50727.8983 & 3.0.30729.8978
affected
4.7.0 (custom) before 2.0.50727.8983 & 3.0.30729.8978 & 4.7.4143.0
affected
4.8.0 (custom) before 2.0.50727.9069 & 3.0.30729.9067 & 4.8.4803.0
affected
4.8.1 (custom) before 2.0.50727.9182 & 3.0.30729.9168 & 4.8.9339.0
affected
4.7.0 (custom) before 4.7.4143.0
affected
4.8.0 (custom) before 4.8.4803.0
affected
17.12.0 (custom) before 17.12.22
affected
17.14.0 (custom) before 17.14.36
affected
18.0 (custom) before 18.7.4
affected
Description
Protection mechanism failure in .NET Framework allows an unauthorized attacker to execute code locally.
Problem types
CWE-693: Protection Mechanism Failure
CWE-502: Deserialization of Untrusted Data
Product status
References
msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50646 (.NET Framework Remote Code Execution Vulnerability)