{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-45491", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "state": "PUBLISHED", "assignerShortName": "microsoft", "dateReserved": "2026-05-12T16:07:22.618Z", "datePublished": "2026-06-09T17:04:44.457Z", "dateUpdated": "2026-06-10T17:53:34.455Z"}, "containers": {"cna": {"title": ".NET Tampering Vulnerability", "datePublic": "2026-06-09T14:00:00.000Z", "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionStartIncluding": "10.0.0", "versionEndExcluding": "10.0.9"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionStartIncluding": "8.0", "versionEndExcluding": "8.0.28"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionStartIncluding": "8.0.0", "versionEndExcluding": "8.0.28"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionStartIncluding": "9.0.0", "versionEndExcluding": "9.0.17"}]}]}], "affected": [{"vendor": "Microsoft", "product": ".NET 10.0", "versions": [{"version": "10.0.0", "lessThan": "10.0.9", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": ".NET 8.0", "versions": [{"version": "8.0", "lessThan": "8.0.28", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": ".NET 8.0", "versions": [{"version": "8.0.0", "lessThan": "8.0.28", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": ".NET 9.0", "versions": [{"version": "9.0.0", "lessThan": "9.0.17", "versionType": "custom", "status": "affected"}]}], "descriptions": [{"value": "Improper link resolution before file access ('link following') in .NET allows an unauthorized attacker to perform tampering locally.", "lang": "en-US"}], "problemTypes": [{"descriptions": [{"description": "CWE-59: Improper Link Resolution Before File Access ('Link Following')", "lang": "en-US", "type": "CWE", "cweId": "CWE-59"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-06-10T17:53:34.455Z"}, "references": [{"name": ".NET Tampering Vulnerability", "tags": ["vendor-advisory", "patch"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45491"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseSeverity": "MEDIUM", "baseScore": 6.2, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C"}}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-06-10T12:17:16.966103Z", "id": "CVE-2026-45491", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-10T12:17:26.789Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-45491", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-06-10T12:17:16.966103Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-10T12:17:21.270Z"}}], "cna": {"title": ".NET Tampering Vulnerability", "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 6.2, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"vendor": "Microsoft", "product": ".NET 10.0", "versions": [{"status": "affected", "version": "10.0.0", "lessThan": "10.0.9", "versionType": "custom"}]}, {"vendor": "Microsoft", "product": ".NET 8.0", "versions": [{"status": "affected", "version": "8.0", "lessThan": "8.0.28", "versionType": "custom"}]}, {"vendor": "Microsoft", "product": ".NET 8.0", "versions": [{"status": "affected", "version": "8.0.0", "lessThan": "8.0.28", "versionType": "custom"}]}, {"vendor": "Microsoft", "product": ".NET 9.0", "versions": [{"status": "affected", "version": "9.0.0", "lessThan": "9.0.17", "versionType": "custom"}]}], "datePublic": "2026-06-09T14:00:00.000Z", "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45491", "name": ".NET Tampering Vulnerability", "tags": ["vendor-advisory", "patch"]}], "descriptions": [{"lang": "en-US", "value": "Improper link resolution before file access ('link following') in .NET allows an unauthorized attacker to perform tampering locally."}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "CWE", "cweId": "CWE-59", "description": "CWE-59: Improper Link Resolution Before File Access ('Link Following')"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "10.0.9", "versionStartIncluding": "10.0.0"}, {"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "8.0.28", "versionStartIncluding": "8.0"}, {"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "8.0.28", "versionStartIncluding": "8.0.0"}, {"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "9.0.17", "versionStartIncluding": "9.0.0"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-06-10T17:53:34.455Z"}}}, "cveMetadata": {"cveId": "CVE-2026-45491", "state": "PUBLISHED", "dateUpdated": "2026-06-10T17:53:34.455Z", "dateReserved": "2026-05-12T16:07:22.618Z", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "datePublished": "2026-06-09T17:04:44.457Z", "assignerShortName": "microsoft"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper link resolution before file access ('link following') in .NET allows an unauthorized attacker to perform tampering locally."}], "id": "CVE-2026-45491", "lastModified": "2026-06-09T19:32:51.440", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 3.6, "source": "secure@microsoft.com", "type": "Primary"}]}, "published": "2026-06-09T17:17:25.567", "references": [{"source": "secure@microsoft.com", "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45491"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-59"}], "source": "secure@microsoft.com", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2026:25111", "cpe": "cpe:/o:redhat:enterprise_linux:10.2", "package": "dotnet8.0-0:8.0.128-1.el10_2", "product_name": "Red Hat Enterprise Linux 10", "release_date": "2026-06-10T00:00:00Z"}, {"advisory": "RHSA-2026:25112", "cpe": "cpe:/o:redhat:enterprise_linux:10.2", "package": "dotnet9.0-0:9.0.118-1.el10_2", "product_name": "Red Hat Enterprise Linux 10", "release_date": "2026-06-10T00:00:00Z"}, {"advisory": "RHSA-2026:25110", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "dotnet8.0-0:8.0.128-1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2026-06-10T00:00:00Z"}, {"advisory": "RHSA-2026:25113", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "dotnet9.0-0:9.0.118-1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2026-06-10T00:00:00Z"}, {"advisory": "RHSA-2026:25114", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "dotnet10.0-0:10.0.109-1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2026-06-10T00:00:00Z"}, {"advisory": "RHSA-2026:17527", "cpe": "cpe:/a:redhat:hummingbird:1", "package": "dotnet9-0-main-9.0.117-1.hum1", "product_name": "Red Hat Hardened Images", "release_date": "2026-05-14T00:00:00Z"}], "bugzilla": {"description": "dotnet: .NET: Local file tampering via link following vulnerability", "id": "2487164", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487164"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.2", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "status": "verified"}, "cwe": "CWE-59", "details": ["Improper link resolution before file access ('link following') in .NET allows an unauthorized attacker to perform tampering locally.", "A flaw was found in .NET. This vulnerability, related to improper link resolution before file access (also known as 'link following'), allows an unauthorized local attacker to perform unauthorized tampering. This could lead to integrity compromise of local files."], "name": "CVE-2026-45491", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "dotnet10.0", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "dotnet10.0", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "dotnet8.0", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "dotnet9.0", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:hummingbird:1", "fix_state": "Affected", "package_name": "dotnet10.0", "product_name": "Red Hat Hardened Images"}, {"cpe": "cpe:/a:redhat:hummingbird:1", "fix_state": "Affected", "package_name": "dotnet8.0", "product_name": "Red Hat Hardened Images"}], "public_date": "2026-06-09T17:04:44Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-45491\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-45491\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45491"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[10.0.0,10.0.9)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[8.0,8.0.28)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[8.0.0,8.0.28)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[9.0.0,9.0.17)"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": ".net", "vendor": "microsoft"}], "created": "2026-06-09T19:15:12.044013+00:00", "updated": "2026-06-10T11:15:05.755583+00:00", "vendors": ["microsoft", "microsoft$PRODUCT$.net"]}