Vulnerability Details CVE-2026-45491
Improper link resolution before file access ('link following') in .NET allows an unauthorized attacker to perform tampering locally.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 31.0%
CVSS Severity
CVSS v3 Score 6.2
Products affected by CVE-2026-45491
-
cpe:2.3:a:microsoft:.net:10.0.0
-
cpe:2.3:a:microsoft:.net:10.0.1
-
cpe:2.3:a:microsoft:.net:10.0.2
-
cpe:2.3:a:microsoft:.net:10.0.3
-
cpe:2.3:a:microsoft:.net:10.0.5
-
cpe:2.3:a:microsoft:.net:8.0.0
-
cpe:2.3:a:microsoft:.net:8.0.1
-
cpe:2.3:a:microsoft:.net:8.0.10
-
cpe:2.3:a:microsoft:.net:8.0.11
-
cpe:2.3:a:microsoft:.net:8.0.12
-
cpe:2.3:a:microsoft:.net:8.0.13
-
cpe:2.3:a:microsoft:.net:8.0.14
-
cpe:2.3:a:microsoft:.net:8.0.15
-
cpe:2.3:a:microsoft:.net:8.0.16
-
cpe:2.3:a:microsoft:.net:8.0.17
-
cpe:2.3:a:microsoft:.net:8.0.18
-
cpe:2.3:a:microsoft:.net:8.0.19
-
cpe:2.3:a:microsoft:.net:8.0.2
-
cpe:2.3:a:microsoft:.net:8.0.20
-
cpe:2.3:a:microsoft:.net:8.0.21
-
cpe:2.3:a:microsoft:.net:8.0.22
-
cpe:2.3:a:microsoft:.net:8.0.23
-
cpe:2.3:a:microsoft:.net:8.0.24
-
cpe:2.3:a:microsoft:.net:8.0.3
-
cpe:2.3:a:microsoft:.net:8.0.4
-
cpe:2.3:a:microsoft:.net:8.0.5
-
cpe:2.3:a:microsoft:.net:8.0.6
-
cpe:2.3:a:microsoft:.net:8.0.7
-
cpe:2.3:a:microsoft:.net:8.0.8
-
cpe:2.3:a:microsoft:.net:8.0.9
-
cpe:2.3:a:microsoft:.net:9.0.0
-
cpe:2.3:a:microsoft:.net:9.0.1
-
cpe:2.3:a:microsoft:.net:9.0.10
-
cpe:2.3:a:microsoft:.net:9.0.11
-
cpe:2.3:a:microsoft:.net:9.0.12
-
cpe:2.3:a:microsoft:.net:9.0.13
-
cpe:2.3:a:microsoft:.net:9.0.14
-
cpe:2.3:a:microsoft:.net:9.0.2
-
cpe:2.3:a:microsoft:.net:9.0.3
-
cpe:2.3:a:microsoft:.net:9.0.4
-
cpe:2.3:a:microsoft:.net:9.0.5
-
cpe:2.3:a:microsoft:.net:9.0.6
-
cpe:2.3:a:microsoft:.net:9.0.7
-
cpe:2.3:a:microsoft:.net:9.0.8
-
cpe:2.3:a:microsoft:.net:9.0.9
-
-
cpe:2.3:o:linux:linux_kernel:-
-
cpe:2.3:o:microsoft:windows:-