Primary

Context

.NET and Microsoft.Bcl.Memory Denial-of-Service Vulnerability

Vulnerability

Patched

A denial-of-service vulnerability has been identified in .NET versions 10.0.4 and 9.0.14, as well as in Microsoft.Bcl.Memory versions 10.0.4 and 9.0.14. This vulnerability arises from an out-of-bounds read, which allows an unauthorized attacker to disrupt service over a network.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, causing applications to become unresponsive or unavailable.

Remediation

Users can download the security update for .NET 9.0 or 10.0 from the official .NET website. For Microsoft.Bcl.Memory, the security update is available on NuGet. After downloading the update, it should be installed according to the standard procedure for applying updates in the respective environment.

Added: Mar 10, 2026, 7:08 PM

Updated: Mar 10, 2026, 7:08 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.7

remediation

7.7

relevance

3.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.7

remediation

7.7

relevance

3.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

.NET and Microsoft.Bcl.Memory Denial-of-Service Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Microsoft .NET

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating