CVE-2026-26171

Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a network.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*

History

30 Jun 2026, 03:17

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2026:13280 -
  • () https://access.redhat.com/errata/RHSA-2026:13281 -
  • () https://access.redhat.com/errata/RHSA-2026:13282 -
  • () https://access.redhat.com/errata/RHSA-2026:13283 -
  • () https://access.redhat.com/errata/RHSA-2026:13693 -
  • () https://access.redhat.com/errata/RHSA-2026:8467 -
  • () https://access.redhat.com/errata/RHSA-2026:8468 -
  • () https://access.redhat.com/errata/RHSA-2026:8469 -
  • () https://access.redhat.com/errata/RHSA-2026:8470 -
  • () https://access.redhat.com/errata/RHSA-2026:8471 -
  • () https://access.redhat.com/errata/RHSA-2026:8472 -
  • () https://access.redhat.com/errata/RHSA-2026:8473 -
  • () https://access.redhat.com/errata/RHSA-2026:8474 -
  • () https://access.redhat.com/errata/RHSA-2026:8475 -
  • () https://access.redhat.com/errata/RHSA-2026:9077 -
  • () https://access.redhat.com/errata/RHSA-2026:9080 -
  • () https://access.redhat.com/errata/RHSA-2026:9205 -
  • () https://access.redhat.com/security/cve/CVE-2026-26171 -
  • () https://bugzilla.redhat.com/show_bug.cgi?id=2457739 -
  • () https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-26171.json -
CWE CWE-776

07 May 2026, 19:42

Type Values Removed Values Added
References () https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26171 - () https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26171 - Vendor Advisory
CPE cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
First Time Microsoft powershell
Apple macos
Microsoft windows
Linux
Microsoft
Linux linux Kernel
Microsoft .net
Apple

14 Apr 2026, 18:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-04-14 18:16

Updated : 2026-07-15 02:19


NVD link : CVE-2026-26171

Mitre link : CVE-2026-26171

CVE.ORG link : CVE-2026-26171


JSON object : View

Products Affected

microsoft

  • windows
  • .net
  • powershell

linux

  • linux_kernel

apple

  • macos
CWE
CWE-400

Uncontrolled Resource Consumption

CWE-611

Improper Restriction of XML External Entity Reference

CWE-776

Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')