Jul 2026: .NET Tampering Vulnerability
CVE-2026-50526 Published on July 14, 2026
.NET Tampering Vulnerability
Improper link resolution before file access ('link following') in .NET allows an authorized attacker to perform tampering locally.
Weakness Types
What is an insecure temporary file Vulnerability?
The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
CVE-2026-50526 has been classified to as an insecure temporary file vulnerability or weakness.
Insufficient Verification of Data Authenticity
The software does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.
Products Associated with CVE-2026-50526
Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.
Affected Versions
Microsoft .NET 10.0:- Version 10.0.0 and below 10.0.6 is affected.
- Version 8.0.0 and below 8.0.29 is affected.
- Version 9.0.0 and below 9.0.18 is affected.
- Version 17.12.0 and below 17.12.22 is affected.
- Version 17.14.0 and below 17.14.36 is affected.
- Version 18.0 and below 18.7.4 is affected.