The vulnerability, CVE-2026-5426, stems from the use of hard-coded ASP.NET machine keys within the LMS.
Tag: ASPNET
AI, Apps, Exploits, Global Security News, Risk Management
CVE-2026-40372: Critical ASP.NET Core Flaw May Let Attackers Gain SYSTEM Privileges
Microsoft has released out-of-band updates for CVE-2026-40372, a high-impact ASP.NET Core privilege-escalation vulnerability tied to the platform’s Data Protection cryptographic APIs. Public reporting says the flaw carries a CVSS score of 9.1 and could allow an unauthenticated attacker to forge authentication material and ultimately obtain SYSTEM privileges on affected systems. The issue stands out not…
AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
CVE-2026-40372: Microsoft Patches ASP.NET Core Privilege Escalation Vulnerability
Microsoft has released an out-of-band update to fix an ASP.NET Core vulnerability that could allow attackers to take full control of affected systems. The flaw enables unauthenticated privilege escalation, increasing risk for enterprises running .NET workloads. “Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network,” said…
AI, Apps, Exploits, Global Security News, Network Security, Risk Management
Microsoft out-of-band updates fixed critical ASP.NET Core privilege escalation flaw
Microsoft fixed critical ASP.NET Core vulnerability, tracked as CVE-2026-40372 (CVSS score of 9.1), that lets attackers escalate privileges. Microsoft released out-of-band updates to address a serious ASP.NET Core vulnerability tracked as CVE-2026-40372 (CVSS score of 9.1). Microsoft fixed the flaw in ASP.NET Core version 10.0.7. An attacker could exploit the flaw to gain SYSTEM-level privileges, access…
Global Security News
Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug
Microsoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that could allow an attacker to escalate privileges. The vulnerability, tracked as CVE-2026-40372, carries a CVSS score of 9.1 out of 10.0. It’s rated Important in severity. An anonymous researcher has been credited with discovering and reporting the flaw. “Improper verification of…
Global Security News
Microsoft releases emergency patches for critical ASP.NET flaw
Microsoft has released out-of-band (OOB) security updates to patch a critical ASP.NET Core privilege escalation vulnerability. […]