nuget
901 tracked vulnerabilities.
CVE-2026-41173
MEDIUM
Unbounded HTTP response body read in OpenTelemetry.Sampler.AWS
Apr 23, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-41078
MEDIUM
OpenTelemetry dotnet: Potential memory exhaustion via unbounded pooled-list sizing in Jaeger exporter conversion path
Apr 23, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-40894
MEDIUM
OpenTelemetry dotnet: Excessive memory allocation when parsing OpenTelemetry propagation headers
Apr 23, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-40891
MEDIUM
OpenTelemetry dotnet: Unbounded `grpc-status-details-bin` parsing in OTLP/gRPC retry handling
Apr 23, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-40182
MEDIUM
OpenTelemetry dotnet: OTLP exporter reads unbounded HTTP response bodies
Apr 23, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-41134
HIGH
Kiota: Code Generation Literal Injection
Apr 22, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-40372
CRITICAL
ASP.NET Core Elevation of Privilege Vulnerability
Apr 21, 2026
CVSS 9.1
EPSS 0.11
CVE-2026-40324
CRITICAL
Hot Chocolate's Utf8GraphQLParser has Stack Overflow via Deeply Nested GraphQL Documents
Apr 18, 2026
CVSS 9.1
EPSS 0.01
CVE-2026-40321
HIGH
DNN Platform < 10.2.2 - SVG Upload Stored Cross-Site Scripting
Apr 17, 2026
CVSS 8.0
EPSS 0.08
CVE-2026-40306
MEDIUM
DNN has same HostGUID for all new installs
Apr 17, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-40305
MEDIUM
DNN has Force Friend Request Acceptance
Apr 17, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-39399
CRITICAL
NuGet Gallery: Arbitrary Blob Overwrite via Nuspec Confusion and URI Fragment Truncation
Apr 14, 2026
CVSS 9.6
EPSS 0.01
CVE-2026-33116
HIGH
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
Apr 14, 2026
CVSS 7.5
EPSS 0.02
CVE-2026-32178
HIGH
.NET Spoofing Vulnerability
Apr 14, 2026
CVSS 7.5
EPSS 0.02
CVE-2026-26171
HIGH
Microsoft .NET and PowerShell - Resource Consumption Denial of Service
Apr 14, 2026
CVSS 7.5
EPSS 0.02
CVE-2026-40312
MEDIUM
ImageMagick: Off-by-One in MSL decoder could result in crash
Apr 13, 2026
CVSS 6.2
EPSS 0.00
CVE-2026-40311
MEDIUM
ImageMagick: Heap-use-after-free via XMP profile could result in a crash when printing values
Apr 13, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-40310
MEDIUM
ImageMagick: Heap out-of-bounds write in JP2 encoder
Apr 13, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-40183
MEDIUM
ImageMagick: Heap buffer overflow when encoding JXL image with a 16-bit float
Apr 13, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-40169
MEDIUM
ImageMagick: Heap buffer overflow (WRITE) in the YAML and JSON encoders
Apr 13, 2026
CVSS 6.2
EPSS 0.00
CVE-2026-34238
MEDIUM
ImageMagick: Integer overflow in despeckle operation causes heap buffer overflow on 32-bit builds
Apr 13, 2026
CVSS 5.1
EPSS 0.00
CVE-2026-33908
HIGH
ImageMagick is vulnerable to Stack Overflow in DestroyXMLTree()
Apr 13, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-33905
MEDIUM
ImageMagick -sample Operation - Out-of-Bounds Read
Apr 13, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-33902
MEDIUM
ImageMagick: Stack Overflow via Recursive FX Expression Parsing
Apr 13, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-33901
HIGH
ImageMagick MVG Decoder - Heap Buffer Overflow
Apr 13, 2026
CVSS 7.5
EPSS 0.01
Products
Microsoft.ChakraCore 247
Magick.NET-Q16-AnyCPU 114
Magick.NET-Q16-HDRI-AnyCPU 114
Magick.NET-Q8-AnyCPU 114
Magick.NET-Q16-HDRI-x86 113
Magick.NET-Q16-x86 113
Magick.NET-Q8-x86 112
Magick.NET-Q16-HDRI-OpenMP-arm64 111
Magick.NET-Q16-HDRI-x64 111
Magick.NET-Q16-OpenMP-arm64 111
Magick.NET-Q16-OpenMP-x64 111
Magick.NET-Q16-arm64 111
Magick.NET-Q16-HDRI-arm64 110
Magick.NET-Q8-OpenMP-arm64 110
Magick.NET-Q8-arm64 110
Magick.NET-Q16-x64 107
Magick.NET-Q8-OpenMP-x64 107
Magick.NET-Q8-x64 104
Magick.NET-Q16-HDRI-OpenMP-x64 83
Magick.NET-Q16-OpenMP-x86 58
DotNetNuke.Core 35
Microsoft.AspNetCore.App.Runtime.win-x64 26
Microsoft.AspNetCore.App.Runtime.win-x86 25
Microsoft.AspNetCore.App.Runtime.win-arm 24
Microsoft.AspNetCore.App.Runtime.linux-x64 23
Microsoft.AspNetCore.App.Runtime.linux-arm 22
Microsoft.AspNetCore.App.Runtime.linux-arm64 22
Microsoft.AspNetCore.App.Runtime.linux-musl-x64 22
Microsoft.AspNetCore.App.Runtime.osx-x64 22
Microsoft.AspNetCore.App.Runtime.win-arm64 22
Quick Filters