Jul 2026: .NET Tampering Vulnerability
CVE-2026-50526 Published on July 14, 2026

.NET Tampering Vulnerability
Improper link resolution before file access ('link following') in .NET allows an authorized attacker to perform tampering locally.

Vendor Advisory NVD

Weakness Types

What is an insecure temporary file Vulnerability?

The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

CVE-2026-50526 has been classified to as an insecure temporary file vulnerability or weakness.

Insufficient Verification of Data Authenticity

The software does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.


Products Associated with CVE-2026-50526

Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.

 
 
 

Affected Versions

Microsoft .NET 10.0: Microsoft .NET 8.0: Microsoft .NET 9.0: Microsoft Visual Studio 2022 version 17.12: Microsoft Visual Studio 2022 version 17.14: Microsoft Visual Studio 2026 version 18.7: