Microsoft patches publicly disclosed .NET DoS flaw that can crash apps with crafted requests

Microsoft has released security updates for CVE-2026-26127, a publicly disclosed denial-of-service vulnerability in .NET and Microsoft.Bcl.Memory. The flaw can let a remote, unauthenticated attacker crash a vulnerable application by sending malformed Base64Url input, according to Microsoft’s official .NET security advisory. The issue affects .NET 9.0 and .NET 10.0 across all platforms and architectures, which means […] The post Microsoft patches publicly disclosed .NET DoS flaw that can crash apps with crafted requests appeared first on VPN Central.