dotnet-apphost-pack-10.0 (AlmaLinux:8) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:8 package dotnet-apphost-pack-10.0, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (9)
CVE-2026-45591 — CVSS 7.5 (high): Uncontrolled resource consumption in ASP.NET Core allows an unauthorized attacker to deny service over a network.
CVE-2026-26130 — CVSS 7.5 (high): Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.
CVE-2026-26171 — CVSS 7.5 (high): Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a network.
CVE-2026-32178 — CVSS 7.5 (high): Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-32203 — CVSS 7.5 (high): Stack-based buffer overflow in .NET and Visual Studio allows an unauthorized attacker to deny service over a network.
CVE-2026-33116 — CVSS 7.5 (high): Loop with unreachable exit condition ('infinite loop') in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny…
CVE-2026-42899 — CVSS 7.5 (high): Loop with unreachable exit condition ('infinite loop') in ASP.NET Core allows an unauthorized attacker to deny service over a network.
CVE-2026-45491 — CVSS 6.2 (medium): Improper link resolution before file access ('link following') in .NET allows an unauthorized attacker to perform tampering locally.