Jun 2026: ASP.NET Core Denial of Service Vulnerability
CVE-2026-45591 Published on June 9, 2026

ASP.NET Core Denial of Service Vulnerability
Uncontrolled resource consumption in ASP.NET Core allows an unauthorized attacker to deny service over a network.

Vendor Advisory NVD

Weakness Type

What is a Resource Exhaustion Vulnerability?

The software does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

CVE-2026-45591 has been classified to as a Resource Exhaustion vulnerability or weakness.

Products Associated with CVE-2026-45591

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2026-45591 are published in these products:

Microsoft Visual Studio 2026

Microsoft Net

Microsoft ASP.NET Core

Canonical Ubuntu Linux

Affected Versions

Microsoft .NET 10.0:

Version 10.0.0 and below 10.0.9 is affected.

Microsoft .NET 8.0:

Version 8.0.0 and below 8.0.28 is affected.

Microsoft .NET 9.0:

Version 9.0.0 and below 9.0.17 is affected.

Microsoft ASP.NET Core 10.0:

Version 10.0 and below 10.0.9 is affected.

Microsoft ASP.NET Core 8.0:

Version 8.0 and below 8.0.28 is affected.

Microsoft ASP.NET Core 9.0:

Version 9.0 and below 9.0.17 is affected.

Microsoft Visual Studio 2026 version 18.6:

Version 18.6.0 and below 18.6.3 is affected.

Jun 2026: ASP.NET Core Denial of Service VulnerabilityCVE-2026-45591 Published on June 9, 2026

Weakness Type

What is a Resource Exhaustion Vulnerability?

Products Associated with CVE-2026-45591

Affected Versions

Jun 2026: ASP.NET Core Denial of Service Vulnerability
CVE-2026-45591 Published on June 9, 2026