CVE-2021-26701

HIGH

.NET Core 2.1 < 2.1.28 and .NET 5.0 < 5.0.4 - Remote Code Execution

Title source: llm
STIX 2.1

Description

.NET Core Remote Code Execution Vulnerability

Scores

CVSS v3 8.1
EPSS 0.3031
EPSS Percentile 98.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

Status published
Products (21)
fedoraproject/fedora 32
fedoraproject/fedora 33
fedoraproject/fedora 34
microsoft/.net 5.0 - 5.0.4
Microsoft/.NET 5.0 5.0.0 - publication
Microsoft/.NET Core 2.1 2.1 - publication
Microsoft/.NET Core 3.1 3.1 - publication
microsoft/.net_core 2.1 - 2.1.28
Microsoft/Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) 15.9.0 - publication
Microsoft/Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) 16.0 - publication
... and 11 more
Published Feb 25, 2021
Tracked Since Feb 18, 2026