CVE-2026-23666
Improper input validation in .NET Framework allows an unauthorized attacker to deny service over a network.
CVSS
7.5
High
EPSS
1.3%
p68
KEV
—
Exploit Today
20
0-100
Published: Apr 14, 2026 · Last modified: Jul 15, 2026 · CWE-755 · CWE-366
1.3%EPSS · 30 days1.3%
2026-06-302026-07-16
Improper input validation in .NET Framework allows an unauthorized attacker to deny service over a network.
- msrc.microsoft.comhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23666
- access.redhat.comhttps://access.redhat.com/security/cve/CVE-2026-23666
- bugzilla.redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=2458271
- security.access.redhat.comhttps://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-23666.json
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2024-219077.5 HIG98.2%
——29Newtonsoft.Json before version 13.0.1 is affected by a mishandling of exceptional conditions vulnerability. Crafted data that is passed to the JsonConvert.DeserializeObject method may trigger a StackOverflow exception resulting in denial of service. Depending on the usage of the library, an unauthenticated and remote attacker may be able to cause the denial of service condition.2dCVE-2022-279787.5 HIG60.0%
——18Tooljet v1.6 does not properly handle missing values in the API, allowing attackers to arbitrarily reset passwords via a crafted HTTP request.8dCVE-2026-591627.5 HIG40.9%
——12Excelize is a Go language library for reading and writing Microsoft Excel spreadsheets. Prior to 2.11.0, Excelize parses shared-string cell values with strconv.Atoi and checks only the upper bound before indexing the shared string slice, allowing an XLSX file containing a shared-string cell with -1 to trigger sharedStrings[-1] and panic when read through GetCellValue or GetRows. This issue is fixed in version 2.11.0.10hCVE-2026-547756.5 MED25.8%
——8CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, a CoreWCF service listening on a Kafka topic stops processing new records from that topic when KafkaTransportPump receives a null-value tombstone record, causing a persistent endpoint denial of service for attackers with produce permission. This issue is fixed in versions 1.8.1 and 1.9.1.7dCVE-2026-599275.3 MED22.7%
——7Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the Include directive in src/mistune/directives/include.py detects only direct self-includes and not indirect cycles, allowing two markdown files that include each other to trigger unbounded recursion, raise RecursionError, and crash the rendering request. This issue is fixed in version 3.3.0.7dCVE-2026-555775.9 MED13.2%
——4ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, a heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26.14d