CVE Catalog
CVE-2026-40372
CriticalCVSS 9.1Exploitation Probability (EPSS)
Very high risk11.21%
95th percentile — higher than 95% of all known CVEs
Summary
Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network.
Risk Assessment
An attacker could gain unauthorized access to application resources, potentially taking control of the system or data.
Recommendation
Immediately update ASP.NET Core to the latest patched version and verify authentication and cryptographic signature configurations.
Original NVD description (English source)
Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network.

