Description:
Microsoft has released security updates and mitigations to address a vulnerability that affect ASP.NET Core 10.0. The list of security updates and mitigations can be found at:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40372
Affected Systems:
- ASP.NET Core 10.0 prior to version 10.0.7
Impact:
Successful exploitation of the vulnerability could lead to elevation of privilege on an affected system.
Recommendation:
Security updates and mitigations for affected product are available from the Windows Update / Microsoft Update Catalog. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.
More Information:
- https://support.microsoft.com/help/5091596
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40372
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40372
