Jul 2026: ASP.NET Core Denial of Service Vulnerability
CVE-2026-56170 Published on July 14, 2026

ASP.NET Core Denial of Service Vulnerability
Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.

Vendor Advisory NVD

Weakness Type

Allocation of Resources Without Limits or Throttling

The software allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.


Products Associated with CVE-2026-56170

Want to know whenever a new CVE is published for Microsoft Net? stack.watch will email you.

 

Affected Versions

Microsoft .NET 10.0: Microsoft .NET 8.0: Microsoft .NET 9.0: