dotnet-sdk-dbg-10.0 (AlmaLinux:10) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:10 package dotnet-sdk-dbg-10.0, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVE-2026-26130 — CVSS 7.5 (high): Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.
CVE-2026-42899 — CVSS 7.5 (high): Loop with unreachable exit condition ('infinite loop') in ASP.NET Core allows an unauthorized attacker to deny service over a network.
CVE-2026-45591 — CVSS 7.5 (high): Uncontrolled resource consumption in ASP.NET Core allows an unauthorized attacker to deny service over a network.
CVE-2026-45491 — CVSS 6.2 (medium): Improper link resolution before file access ('link following') in .NET allows an unauthorized attacker to perform tampering locally.