Volerion logoVolerion
Volerion logoVolerion

.NET Core Tampering Vulnerability Allowing Arbitrary File Writing

Vulnerability

A tampering vulnerability has been identified in .NET Core, where the framework improperly manages specially crafted files. This vulnerability allows an attacker to write arbitrary files and directories to specific locations on a vulnerable system. However, the attacker would have limited control over where these files and directories are placed. To exploit this vulnerability, an attacker must send a specially crafted file to the affected system.

Impact

Exploitation of this vulnerability could lead to unauthorized file and directory writing on the affected system, potentially allowing for further manipulation or misuse of the system.

Remediation

Users can download the security update for .NET 9.0, .NET 8.0, .NET 10.0, and various versions of Microsoft Visual Studio from the Microsoft Visual Studio Update Center. Instructions for downloading the security update for each product are available on the Microsoft Support website.

Added: May 12, 2026, 6:18 PM
Updated: May 12, 2026, 6:18 PM

Vulnerability Rating

Custom Algorithm
spread
0.0
impact
0.6
exploitability
6.6
remediation
0.0
relevance
8.1
threat
0.0
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.