{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-26646", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "state": "PUBLISHED", "assignerShortName": "microsoft", "dateReserved": "2025-02-12T19:23:29.269Z", "datePublished": "2025-05-13T21:39:52.529Z", "dateUpdated": "2025-07-08T16:02:35.745Z"}, "containers": {"cna": {"title": ".NET, Visual Studio, and Build Tools for Visual Studio Spoofing Vulnerability", "datePublic": "2025-05-13T07:00:00.000Z", "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionStartIncluding": "8.0.0", "versionEndExcluding": "8.0.16"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionStartIncluding": "9.0.0", "versionEndExcluding": "9.0.5"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionStartIncluding": "17.0", "versionEndExcluding": "17.12.8"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionStartIncluding": "17.10", "versionEndExcluding": "17.13.7"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionStartIncluding": "17.8.0", "versionEndExcluding": "17.8.21"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionStartIncluding": "17.10", "versionEndExcluding": "17.10.15"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:build_tools_for_visual_studio_2022:*:*:*:*:*:*:*:*", "versionStartIncluding": "17.0", "versionEndExcluding": "Fixed Version 17.13.7"}]}]}], "affected": [{"vendor": "Microsoft", "product": ".NET 8.0", "platforms": ["Unknown"], "versions": [{"version": "8.0.0", "lessThan": "8.0.16", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": ".NET 9.0", "platforms": ["Unknown"], "versions": [{"version": "9.0.0", "lessThan": "9.0.5", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft Visual Studio 2022 version 17.12", "platforms": ["Unknown"], "versions": [{"version": "17.0", "lessThan": "17.12.8", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft Visual Studio 2022 version 17.13", "platforms": ["Unknown"], "versions": [{"version": "17.10", "lessThan": "17.13.7", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft Visual Studio 2022 version 17.8", "platforms": ["Unknown"], "versions": [{"version": "17.8.0", "lessThan": "17.8.21", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft Visual Studio 2022 version 17.10", "platforms": ["Unknown"], "versions": [{"version": "17.10", "lessThan": "17.10.15", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Build Tools for Visual Studio 2022", "platforms": ["Unknown"], "versions": [{"version": "17.0", "lessThan": "Fixed Version 17.13.7", "versionType": "custom", "status": "affected"}]}], "descriptions": [{"value": "External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network.", "lang": "en-US"}], "problemTypes": [{"descriptions": [{"description": "CWE-73: External Control of File Name or Path", "lang": "en-US", "type": "CWE", "cweId": "CWE-73"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2025-07-08T16:02:35.745Z"}, "references": [{"name": ".NET, Visual Studio, and Build Tools for Visual Studio Spoofing Vulnerability", "tags": ["vendor-advisory"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26646"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseSeverity": "HIGH", "baseScore": 8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"}}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-14T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2025-26646"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-15T04:01:52.372Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-26646", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-05-14T15:57:11.895456Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-14T15:58:20.799Z"}}], "cna": {"title": ".NET, Visual Studio, and Build Tools for Visual Studio Spoofing Vulnerability", "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"vendor": "Microsoft", "product": ".NET 8.0", "versions": [{"status": "affected", "version": "8.0.0", "lessThan": "8.0.16", "versionType": "custom"}], "platforms": ["Unknown"]}, {"vendor": "Microsoft", "product": ".NET 9.0", "versions": [{"status": "affected", "version": "9.0.0", "lessThan": "9.0.5", "versionType": "custom"}], "platforms": ["Unknown"]}, {"vendor": "Microsoft", "product": "Microsoft Visual Studio 2022 version 17.12", "versions": [{"status": "affected", "version": "17.0", "lessThan": "17.12.8", "versionType": "custom"}], "platforms": ["Unknown"]}, {"vendor": "Microsoft", "product": "Microsoft Visual Studio 2022 version 17.13", "versions": [{"status": "affected", "version": "17.10", "lessThan": "17.13.7", "versionType": "custom"}], "platforms": ["Unknown"]}, {"vendor": "Microsoft", "product": "Microsoft Visual Studio 2022 version 17.8", "versions": [{"status": "affected", "version": "17.8.0", "lessThan": "17.8.21", "versionType": "custom"}], "platforms": ["Unknown"]}, {"vendor": "Microsoft", "product": "Microsoft Visual Studio 2022 version 17.10", "versions": [{"status": "affected", "version": "17.10", "lessThan": "17.10.15", "versionType": "custom"}], "platforms": ["Unknown"]}, {"vendor": "Microsoft", "product": "Build Tools for Visual Studio 2022", "versions": [{"status": "affected", "version": "17.0", "lessThan": "Fixed Version 17.13.7", "versionType": "custom"}], "platforms": ["Unknown"]}], "datePublic": "2025-05-13T07:00:00.000Z", "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26646", "name": ".NET, Visual Studio, and Build Tools for Visual Studio Spoofing Vulnerability", "tags": ["vendor-advisory"]}], "descriptions": [{"lang": "en-US", "value": "External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network."}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "CWE", "cweId": "CWE-73", "description": "CWE-73: External Control of File Name or Path"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "8.0.16", "versionStartIncluding": "8.0.0"}, {"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "9.0.5", "versionStartIncluding": "9.0.0"}, {"criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "17.12.8", "versionStartIncluding": "17.0"}, {"criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "17.13.7", "versionStartIncluding": "17.10"}, {"criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "17.8.21", "versionStartIncluding": "17.8.0"}, {"criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "17.10.15", "versionStartIncluding": "17.10"}, {"criteria": "cpe:2.3:a:microsoft:build_tools_for_visual_studio_2022:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "Fixed Version 17.13.7", "versionStartIncluding": "17.0"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2025-07-08T16:02:35.745Z"}}}, "cveMetadata": {"cveId": "CVE-2025-26646", "state": "PUBLISHED", "dateUpdated": "2025-07-08T16:02:35.745Z", "dateReserved": "2025-02-12T19:23:29.269Z", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "datePublished": "2025-05-13T21:39:52.529Z", "assignerShortName": "microsoft"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:build_tools:*:*:*:*:*:visual_studio:*:*", "matchCriteriaId": "EAA124E7-65D9-47F0-9511-FC6ECCD0E6E6", "versionEndExcluding": "17.13.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", "matchCriteriaId": "15DDEE89-4759-416F-89F8-EC9975C25B53", "versionEndExcluding": "17.8.21", "versionStartIncluding": "17.8.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", "matchCriteriaId": "382952FA-438B-4792-B8BB-501D3654CA5A", "versionEndExcluding": "17.10.15", "versionStartIncluding": "17.10.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", "matchCriteriaId": "42F8FD3E-FFD8-4963-84E5-AFBFEA76418F", "versionEndExcluding": "17.12.8", "versionStartIncluding": "17.12.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", "matchCriteriaId": "8A1AA7A3-18C1-4C90-ADB7-5070AC455451", "versionEndExcluding": "17.13.7", "versionStartIncluding": "17.13.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "matchCriteriaId": "CC60E71D-2EC5-46E1-AF1D-002D855EBE28", "versionEndExcluding": "9.0.5", "versionStartIncluding": "9.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false}, {"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "matchCriteriaId": "1A18F0AD-A304-42C4-A0E6-E74837FC6393", "versionEndExcluding": "8.0.16", "versionStartIncluding": "8.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false}, {"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network."}, {"lang": "es", "value": "El control externo del nombre o la ruta de archivo en .NET, Visual Studio y Build Tools for Visual Studio permite que un atacante autorizado realice suplantaci\u00f3n de identidad a trav\u00e9s de una red."}], "id": "CVE-2025-26646", "lastModified": "2025-07-10T14:54:17.283", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 5.9, "source": "secure@microsoft.com", "type": "Secondary"}]}, "published": "2025-05-13T22:15:20.493", "references": [{"source": "secure@microsoft.com", "tags": ["Vendor Advisory"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26646"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-73"}], "source": "secure@microsoft.com", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2025:7599", "cpe": "cpe:/o:redhat:enterprise_linux:10.0", "package": "dotnet8.0-0:8.0.116-1.el10_0", "product_name": "Red Hat Enterprise Linux 10", "release_date": "2025-05-14T00:00:00Z"}, {"advisory": "RHSA-2025:7601", "cpe": "cpe:/o:redhat:enterprise_linux:10.0", "package": "dotnet9.0-0:9.0.106-1.el10_0", "product_name": "Red Hat Enterprise Linux 10", "release_date": "2025-05-14T00:00:00Z"}, {"advisory": "RHSA-2025:7571", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "dotnet9.0-0:9.0.106-1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-05-14T00:00:00Z"}, {"advisory": "RHSA-2025:7589", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "dotnet8.0-0:8.0.116-1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-05-14T00:00:00Z"}, {"advisory": "RHSA-2025:7598", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "dotnet8.0-0:8.0.116-1.el9_6", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-05-14T00:00:00Z"}, {"advisory": "RHSA-2025:7600", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "dotnet9.0-0:9.0.106-1.el9_6", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-05-14T00:00:00Z"}, {"advisory": "RHSA-2025:7603", "cpe": "cpe:/a:redhat:rhel_eus:9.4", "package": "dotnet8.0-0:8.0.116-1.el9_4", "product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date": "2025-05-14T00:00:00Z"}], "bugzilla": {"description": "dotnet: .NET and Visual Studio Spoofing Vulnerability", "id": "2365317", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2365317"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.0", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-290", "details": ["External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network.", "A flaw was found in .NET and Visual Studio. This vulnerability allows an attacker to use specially crafted input to spoof trusted content or identities, potentially misleading users or systems. This issue requires user interaction and limited privileges but can lead to unauthorized actions or escalation due to incorrect identity or content validation handling."], "mitigation": {"lang": "en:us", "value": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability."}, "name": "CVE-2025-26646", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "dotnet6.0", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "dotnet7.0", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-05-14T03:06:48Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-26646\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-26646"], "statement": "This vulnerability in .NET is Important because it allows spoofing of trusted identities or content through crafted input, exploiting weaknesses in validation logic. While it requires user interaction and limited privileges, it can subvert authentication flows or integrity checks, leading to unauthorized actions. In security-sensitive contexts\u2014like signed assembly loading, secure package feeds, or automated build systems\u2014such spoofing can compromise trust boundaries and facilitate privilege escalation or supply chain attacks, making it more severe than a typical moderate flaw.", "threat_severity": "Important"}