PT-2026-40132 · Microsoft · Net Core+1
Published
2026-05-12
·
Updated
2026-05-19
·
CVE-2026-32175
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Microsoft Visual Studio/.NET versions prior to 10.0.8
Description
A tampering issue occurs when .NET Core improperly handles specially crafted files. An attacker can exploit this by sending a specially crafted file to a vulnerable system, allowing them to write arbitrary files and directories to specific locations. The attacker has limited control over the destination of these files and directories. This is related to an absolute path traversal, which is a technique used to access files and directories that are stored outside the intended folder.
Recommendations
Update to version 10.0.8 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Net Core
Visual Studio