Vulnerability-Lookup

CVE-2026-26143 (GCVE-0-2026-26143)

Vulnerability from cvelistv5 – Published: 2026-04-14 16:57 – Updated: 2026-04-14 16:57

Title

Microsoft PowerShell Security Feature Bypass Vulnerability

Summary

Improper input validation in Microsoft PowerShell allows an unauthorized attacker to bypass a security feature locally.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

CWE

CWE-20 - Improper Input Validation

Assigner

microsoft

References

URL

MSRC_CVE-2026-26143

Vulnerability from csaf_microsoft - Published: 2026-04-14 07:00 - Updated: 2026-04-14 07:00

Summary

Microsoft PowerShell Security Feature Bypass Vulnerability

Severity

Important

Notes

Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

Customer Action: Required. The vulnerability documented by this CVE requires customer action to resolve.

CVE-2026-26143

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

CWE-20 - Improper Input Validation

Vendor Fix 7.5.5:Security Update:https://github.com/PowerShell/Announcements/issues/82 https://github.com/PowerShell/Announcements/issues/82

Vendor Fix 7.4.14:Security Update:https://github.com/PowerShell/Announcements/issues/82 https://github.com/PowerShell/Announcements/issues/82

References

URL

CERTFR-2026-AVI-0445

Vulnerability from certfr_avis - Published: 2026-04-15 - Updated: 2026-04-15

De multiples vulnérabilités ont été découvertes dans les produits Microsoft. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Microsoft indique que la vulnérabilité CVE-2026-32201 est activement exploitée.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Microsoft	N/A	Microsoft SharePoint Server Subscription Edition versions antérieures à 16.0.19725.20210
Microsoft	N/A	azl3 rubygem-addressable 2.8.5-2 versions antérieures à 2.9.0-1
Microsoft	N/A	Microsoft Power Apps versions antérieures à 3.26032.10.0
Microsoft	N/A	Microsoft SQL Server 2019 pour systèmes x64 (GDR) versions antérieures à 15.0.2165.1
Microsoft	N/A	Microsoft Visual Studio 2017 version 15.9 (inclus 15.0 - 15.8) antérieures à 15.9.79
Microsoft	N/A	Microsoft SQL Server 2022 pour systèmes x64 (GDR) versions antérieures à 16.0.1175.1
Microsoft	N/A	Microsoft Visual Studio Code CoPilot Chat Extension versions antérieures à 0.37.3
Microsoft	N/A	Microsoft Visual Studio 2022 version 17.14 antérieures à 17.14.30
Microsoft	N/A	Microsoft SQL Server 2022 pour systèmes x64 (CU 24) versions antérieures à 16.0.4250.1
Microsoft	N/A	Microsoft SQL Server 2017 pour systèmes x64 (CU 31) versions antérieures à 14.0.3525.1
Microsoft	N/A	Microsoft Visual Studio 2022 version 17.12 antérieures à 17.12.19
Microsoft	N/A	Microsoft SharePoint Server 2019 versions antérieures à 16.0.10417.20114
Microsoft	N/A	azl3 libpng 1.6.56-1 versions antérieures à 1.6.57-1
Microsoft	N/A	Microsoft Visual Studio 2019 version 16.4 (inclus 16.0 - 16.3) antérieures à 16.11.55
Microsoft	N/A	Microsoft SQL Server 2016 pour systèmes x64 Service Pack 3 Azure Connect Feature Pack versions antérieures à 13.0.7080.1
Microsoft	N/A	Microsoft Visual Studio 2019 version 16.11 (inclus 16.0 - 16.10) antérieures à 16.11.55
Microsoft	N/A	Microsoft SQL Server 2025 pour systèmes x64 (GDR) versions antérieures à 17.0.1110.1
Microsoft	N/A	Microsoft SQL Server 2019 pour systèmes x64 (CU 32) versions antérieures à 15.0.4465.1
Microsoft	N/A	Microsoft SQL Server 2017 pour systèmes x64 (GDR) versions antérieures à 14.0.2105.1
Microsoft	N/A	Microsoft SharePoint Enterprise Server 2016 versions antérieures à 16.0.5548.1003
Microsoft	N/A	Microsoft Defender Antimalware Platform versions antérieures à 4.18.26030.3011
Microsoft	N/A	Microsoft HPC Pack 2019 versions antérieures à 6.3.8355
Microsoft	N/A	azl3 golang 1.25.8-1 versions antérieures à 1.25.9-1
Microsoft	N/A	Microsoft SQL Server 2016 pour systèmes x64 Service Pack 3 (GDR) versions antérieures à 13.0.6485.1
Microsoft	N/A	Microsoft Dynamics 365 (on-premises) version 9.0 antérieures à 9.1.0044.0015
Microsoft	N/A	Microsoft SQL Server 2025 pour systèmes x64 (CU3) versions antérieures à 17.0.4030.1
Microsoft	N/A	PowerShell 7.5 versions antérieures à 7.5.5
Microsoft	N/A	PowerShell 7.4 versions antérieures à 7.4.14
Microsoft	N/A	azl3 golang 1.26.1-1 versions antérieures à 1.26.2-1
Microsoft	N/A	azl3 libexif 0.6.24-2 versions antérieures à 0.6.24-3

References

Title

Publication Time

GHSA-HRFW-JJGV-MG38

Vulnerability from github – Published: 2026-04-14 18:30 – Updated: 2026-04-14 18:30

Details

Improper input validation in Microsoft PowerShell allows an unauthorized attacker to bypass a security feature locally.

Severity ?

7.8 (High)


                  
                    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2026-26143"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-14T18:16:45Z",
    "severity": "HIGH"
  },
  "details": "Improper input validation in Microsoft PowerShell allows an unauthorized attacker to bypass a security feature locally.",
  "id": "GHSA-hrfw-jjgv-mg38",
  "modified": "2026-04-14T18:30:37Z",
  "published": "2026-04-14T18:30:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26143"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26143"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

NCSC-2026-0114

Vulnerability from csaf_ncscnl - Published: 2026-04-14 19:18 - Updated: 2026-04-14 19:18

Summary

Kwetsbaarheden verholpen in Microsoft Developer tools

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten: Microsoft heeft kwetsbaarheden verholpen in .NET, .NET Framework, Visual Studio en PowerShell.

Interpretaties: Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade: - Denial-of-Service (DoS) - Toegang tot gevoelige gegevens - Omzeilen van een beveiligingsmaatregel - Spoofing ``` .NET, .NET Framework, Visual Studio: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-33116 | 7,50 | Denial-of-Service | |----------------|------|-------------------------------------| Microsoft PowerShell: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-26143 | 7,80 | Omzeilen van beveiligingsmaatregel | |----------------|------|-------------------------------------| GitHub Copilot and Visual Studio Code: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-23653 | 5,70 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| .NET and Visual Studio: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-32203 | 7,50 | Denial-of-Service | |----------------|------|-------------------------------------| .NET Framework: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-32226 | 5,90 | Denial-of-Service | | CVE-2026-23666 | 7,50 | Denial-of-Service | |----------------|------|-------------------------------------| .NET: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-32178 | 7,50 | Voordoen als andere gebruiker | | CVE-2026-26171 | 7,50 | Denial-of-Service | |----------------|------|-------------------------------------| ```

Oplossingen: Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op: https://portal.msrc.microsoft.com/en-us/security-guidance

Kans: medium

Schade: high

CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')

CWE-755: Improper Handling of Exceptional Conditions

CWE-400: Uncontrolled Resource Consumption

CWE-611: Improper Restriction of XML External Entity Reference

CWE-138: Improper Neutralization of Special Elements

CWE-121: Stack-based Buffer Overflow

CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')

CWE-20: Improper Input Validation

CVE-2026-23653

Improper neutralization of special elements in commands ('command injection') in GitHub Copilot and Visual Studio Code allows authorized attackers to disclose information over a network.

5.7 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

CVE-2026-23666

A race condition in the .NET Framework's concurrent execution of shared resources allows unauthorized attackers to cause a denial of service over a network.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C

CVE-2026-26143

Improper input validation in Microsoft PowerShell enables a local unauthorized attacker to bypass security features, potentially compromising system integrity.

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

CVE-2026-26171

Uncontrolled resource consumption vulnerabilities in the .NET framework allow unauthorized attackers to cause denial of service conditions over a network by exhausting system resources.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

CWE-611 - Improper Restriction of XML External Entity Reference

CVE-2026-32178

Improper neutralization of special elements in the .NET framework allows unauthorized attackers to conduct network spoofing attacks, compromising network integrity and security.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

CVE-2026-32203

A stack-based buffer overflow vulnerability in .NET and Visual Studio allows an unauthorized attacker to cause a denial of service over a network.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

CWE-121 - Stack-based Buffer Overflow

CVE-2026-32226

A race condition in the .NET Framework's concurrent execution of shared resources allows unauthorized attackers to cause a denial of service over a network.

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CVE-2026-33116

An infinite loop vulnerability in .NET, .NET Framework, and Visual Studio can be exploited by unauthorized attackers to cause a denial of service over a network.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

References

URL

Category

	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Microsoft heeft kwetsbaarheden verholpen in .NET, .NET Framework, Visual Studio en PowerShell.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Toegang tot gevoelige gegevens\n- Omzeilen van een beveiligingsmaatregel\n- Spoofing\n\n```\n.NET, .NET Framework, Visual Studio: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-33116 | 7,50 | Denial-of-Service                   | \n|----------------|------|-------------------------------------|\n\nMicrosoft PowerShell: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-26143 | 7,80 | Omzeilen van beveiligingsmaatregel  | \n|----------------|------|-------------------------------------|\n\nGitHub Copilot and Visual Studio Code: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-23653 | 5,70 | Toegang tot gevoelige gegevens      | \n|----------------|------|-------------------------------------|\n\n.NET and Visual Studio: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-32203 | 7,50 | Denial-of-Service                   | \n|----------------|------|-------------------------------------|\n\n.NET Framework: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-32226 | 5,90 | Denial-of-Service                   | \n| CVE-2026-23666 | 7,50 | Denial-of-Service                   | \n|----------------|------|-------------------------------------|\n\n.NET: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-32178 | 7,50 | Voordoen als andere gebruiker       | \n| CVE-2026-26171 | 7,50 | Denial-of-Service                   | \n|----------------|------|-------------------------------------|\n\n```",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op:\n\nhttps://portal.msrc.microsoft.com/en-us/security-guidance",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
        "title": "CWE-77"
      },
      {
        "category": "general",
        "text": "Improper Handling of Exceptional Conditions",
        "title": "CWE-755"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Improper Restriction of XML External Entity Reference",
        "title": "CWE-611"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Special Elements",
        "title": "CWE-138"
      },
      {
        "category": "general",
        "text": "Stack-based Buffer Overflow",
        "title": "CWE-121"
      },
      {
        "category": "general",
        "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
        "title": "CWE-362"
      },
      {
        "category": "general",
        "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
        "title": "CWE-835"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "title": "Kwetsbaarheden verholpen in Microsoft Developer tools",
    "tracking": {
      "current_release_date": "2026-04-14T19:18:58.666745Z",
      "generator": {
        "date": "2025-08-04T16:30:00Z",
        "engine": {
          "name": "V.A.",
          "version": "1.3"
        }
      },
      "id": "NCSC-2026-0114",
      "initial_release_date": "2026-04-14T19:18:58.666745Z",
      "revision_history": [
        {
          "date": "2026-04-14T19:18:58.666745Z",
          "number": "1.0.0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-1"
                }
              }
            ],
            "category": "product_name",
            "name": ".NET 10.0"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-2"
                }
              }
            ],
            "category": "product_name",
            "name": ".NET 10.0 installed on Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-3"
                }
              }
            ],
            "category": "product_name",
            "name": ".NET 10.0 installed on Mac OS"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-4"
                }
              }
            ],
            "category": "product_name",
            "name": ".NET 10.0 installed on Windows"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-5"
                }
              }
            ],
            "category": "product_name",
            "name": ".NET 8.0"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-6"
                }
              }
            ],
            "category": "product_name",
            "name": ".NET 8.0 installed on Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-7"
                }
              }
            ],
            "category": "product_name",
            "name": ".NET 8.0 installed on Mac OS"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-8"
                }
              }
            ],
            "category": "product_name",
            "name": ".NET 8.0 installed on Windows"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-9"
                }
              }
            ],
            "category": "product_name",
            "name": ".NET 9.0"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-10"
                }
              }
            ],
            "category": "product_name",
            "name": ".NET 9.0 installed on Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-11"
                }
              }
            ],
            "category": "product_name",
            "name": ".NET 9.0 installed on Mac OS"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-12"
                }
              }
            ],
            "category": "product_name",
            "name": ".NET 9.0 installed on Windows"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-13"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-14"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.7.2"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-15"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for 32-bit Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-16"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for ARM64-based Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-17"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for x64-based Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-18"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-19"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for 32-bit Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-20"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for ARM64-based Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-21"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for x64-based Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-22"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for 32-bit Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-23"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for ARM64-based Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-24"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for x64-based Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-25"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for 32-bit Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-26"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for ARM64-based Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-27"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for x64-based Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-28"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-29"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022 (Server Core installation)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-30"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows Server, version 20H2 (Server Core Installation)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-31"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8.1"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-32"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for 32-bit Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-33"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for ARM64-based Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-34"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for x64-based Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-35"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for 32-bit Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-36"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for ARM64-based Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-37"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for x64-based Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-38"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 22H2 for ARM64-based Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-39"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 22H2 for x64-based Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-40"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 23H2 for ARM64-based Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-41"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 23H2 for x64-based Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-42"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 24H2 for ARM64-based Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-43"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 24H2 for x64-based Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-44"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 25H2 for ARM systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-45"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 25H2 for x64-based Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-46"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 26H1 for ARM64-based Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-47"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 26H1 for x64-based Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-48"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 version 26H1 for x64-based Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-49"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-50"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022 (Server Core installation)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-51"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022, 23H2 Edition (Server Core installation)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-52"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2025"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-53"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2025 (Server Core installation)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-54"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 on Windows Server 2012"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-55"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 on Windows Server 2012 (Server Core installation)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-56"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 on Windows Server 2012 R2"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-57"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 3.5 on Windows Server 2012 R2 (Server Core installation)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-58"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-59"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-60"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 (Server Core installation)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-61"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-62"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 (Server Core installation)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-63"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 4.8"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-64"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for 32-bit Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-65"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for x64-based Systems"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-66"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 4.8 on Windows Server 2012"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-67"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 4.8 on Windows Server 2012 (Server Core installation)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-68"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 4.8 on Windows Server 2012 R2"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-69"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft .NET Framework 4.8 on Windows Server 2012 R2 (Server Core installation)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-70"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft Visual Studio 2022 version 17.12"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-71"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft Visual Studio 2022 version 17.14"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-72"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft Visual Studio Code CoPilot Chat Extension"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-73"
                }
              }
            ],
            "category": "product_name",
            "name": "PowerShell 7.4"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-74"
                }
              }
            ],
            "category": "product_name",
            "name": "PowerShell 7.5"
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-23653",
      "cwe": {
        "id": "CWE-77",
        "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
          "title": "CWE-77"
        },
        {
          "category": "description",
          "text": "Improper neutralization of special elements in commands (\u0027command injection\u0027) in GitHub Copilot and Visual Studio Code allows authorized attackers to disclose information over a network.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-23653 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-23653.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74"
          ]
        }
      ],
      "title": "CVE-2026-23653"
    },
    {
      "cve": "CVE-2026-23666",
      "notes": [
        {
          "category": "description",
          "text": "A race condition in the .NET Framework\u0027s concurrent execution of shared resources allows unauthorized attackers to cause a denial of service over a network.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-23666 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-23666.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74"
          ]
        }
      ],
      "title": "CVE-2026-23666"
    },
    {
      "cve": "CVE-2026-26143",
      "notes": [
        {
          "category": "description",
          "text": "Improper input validation in Microsoft PowerShell enables a local unauthorized attacker to bypass security features, potentially compromising system integrity.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-26143 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-26143.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74"
          ]
        }
      ],
      "title": "CVE-2026-26143"
    },
    {
      "cve": "CVE-2026-26171",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of XML External Entity Reference",
          "title": "CWE-611"
        },
        {
          "category": "description",
          "text": "Uncontrolled resource consumption vulnerabilities in the .NET framework allow unauthorized attackers to cause denial of service conditions over a network by exhausting system resources.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-26171 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-26171.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74"
          ]
        }
      ],
      "title": "CVE-2026-26171"
    },
    {
      "cve": "CVE-2026-32178",
      "notes": [
        {
          "category": "description",
          "text": "Improper neutralization of special elements in the .NET framework allows unauthorized attackers to conduct network spoofing attacks, compromising network integrity and security.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-32178 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-32178.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74"
          ]
        }
      ],
      "title": "CVE-2026-32178"
    },
    {
      "cve": "CVE-2026-32203",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        },
        {
          "category": "description",
          "text": "A stack-based buffer overflow vulnerability in .NET and Visual Studio allows an unauthorized attacker to cause a denial of service over a network.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-32203 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-32203.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74"
          ]
        }
      ],
      "title": "CVE-2026-32203"
    },
    {
      "cve": "CVE-2026-32226",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
          "title": "CWE-362"
        },
        {
          "category": "description",
          "text": "A race condition in the .NET Framework\u0027s concurrent execution of shared resources allows unauthorized attackers to cause a denial of service over a network.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-32226 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-32226.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74"
          ]
        }
      ],
      "title": "CVE-2026-32226"
    },
    {
      "cve": "CVE-2026-33116",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
          "title": "CWE-835"
        },
        {
          "category": "description",
          "text": "An infinite loop vulnerability in .NET, .NET Framework, and Visual Studio can be exploited by unauthorized attackers to cause a denial of service over a network.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-33116 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-33116.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74"
          ]
        }
      ],
      "title": "CVE-2026-33116"
    }
  ]
}

FKIE_CVE-2026-26143

Vulnerability from fkie_nvd - Published: 2026-04-14 18:16 - Updated: 2026-04-14 18:16

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

Improper input validation in Microsoft PowerShell allows an unauthorized attacker to bypass a security feature locally.

References

	URL	Tags
	secure@microsoft.com	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26143

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper input validation in Microsoft PowerShell allows an unauthorized attacker to bypass a security feature locally."
    }
  ],
  "id": "CVE-2026-26143",
  "lastModified": "2026-04-14T18:16:45.620",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "secure@microsoft.com",
        "type": "Primary"
      }
    ]
  },
  "published": "2026-04-14T18:16:45.620",
  "references": [
    {
      "source": "secure@microsoft.com",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26143"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Received",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "secure@microsoft.com",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-26143 (GCVE-0-2026-26143)

MSRC_CVE-2026-26143

CERTFR-2026-AVI-0445

Solutions

GHSA-HRFW-JJGV-MG38

NCSC-2026-0114

FKIE_CVE-2026-26143

Tags

Sightings

Nomenclature