CVE-2026-42899
Loop with unreachable exit condition ('infinite loop') in ASP.NET Core allows an unauthorized attacker to deny service over a network.
CVSS
7.5
Alto
EPSS
2.4%
p82
KEV
—
Exploit Today
25
0-100
Publicado: 12 may 2026 · Última mod.: 15 jul 2026 · CWE-835
2.4%EPSS · 30 días2.4%
2026-06-302026-07-16
Loop with unreachable exit condition ('infinite loop') in ASP.NET Core allows an unauthorized attacker to deny service over a network.
- msrc.microsoft.comhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42899
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:17464
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:17527
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:17682
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:21286
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:21291
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:21293
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:21294
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:21295
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:21296
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:21297
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:21754
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:22145
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:24332
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:24333
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:24334
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:24335
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:24336
- access.redhat.comhttps://access.redhat.com/security/cve/CVE-2026-42899
- bugzilla.redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=2476605
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2026-48907.5 ALT93.6%
——28A Denial of Service (DoS) vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet.2dCVE-2026-331167.5 ALT80.0%
——24Loop with unreachable exit condition ('infinite loop') in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network.2dCVE-2026-465227.5 ALT76.7%
——23ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, due to a missing check in the MIFF decoder, a crafted file could cause an infinite loop resulting in CPU exhaustion. Versions 7.1.2.23 and 6.9.13-48 fix the issue.2dCVE-2023-301887.5 ALT73.3%
——22Memory Exhaustion vulnerability in ONLYOFFICE Document Server 4.0.3 through 7.3.2 allows remote attackers to cause a denial of service via crafted JavaScript file.8dCVE-2022-233527.5 ALT72.6%
——22An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS).8dCVE-2026-506477.5 ALT61.9%
——19Loop with unreachable exit condition ('infinite loop') in Active Directory Federation Services (AD FS) allows an unauthorized attacker to deny service over a network.4h