Volerion logoVolerion
Volerion logoVolerion

Microsoft ASP.NET Core Uncontrolled Resource Consumption Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in ASP.NET Core, specifically in versions 8.0, 9.0, and 10.0, as well as in .NET 8.0 and 10.0 across Windows, Linux, and Mac OS. This vulnerability allows an unauthorized attacker to cause uncontrolled resource consumption, leading to a denial-of-service condition over the network.

Impact

Exploitation of this vulnerability causes a significant denial-of-service condition, allowing an attacker to disrupt network services by overwhelming system resources.

Remediation

Users can download the security update for ASP.NET Core and .NET 10.0 from the official .NET website. For ASP.NET Core 9.0 and 8.0, the security update is also available on the .NET website. Visual Studio 2026 users can download the security update through the Visual Studio Downloads page.

Added: Jun 9, 2026, 6:35 PM
Updated: Jun 9, 2026, 6:35 PM

Vulnerability Rating

Custom Algorithm
spread
7.6
impact
2.5
exploitability
7.6
remediation
7.7
relevance
9.6
threat
0.0
urgency
2.9
incentive
4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.