VDB
ALSA-2026%3A4458
ALSA-2026%3A4458
PUBLISHED
CVSS 9.300000190734863 CRITICAL
Important: .NET 10.0 security update
Risk Scores
CVSS 4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| AlmaLinux:8 | dotnet-sdk-10.0-source-built-artifacts | 0 |
| AlmaLinux:8 | dotnet-hostfxr-10.0 | 0 |
| AlmaLinux:8 | dotnet-sdk-10.0 | 0 |
| AlmaLinux:8 | dotnet-targeting-pack-10.0 | 0 |
| AlmaLinux:8 | aspnetcore-runtime-dbg-10.0 | 0 |
| AlmaLinux:8 | dotnet-templates-10.0 | 0 |
| AlmaLinux:8 | dotnet | 0 |
| AlmaLinux:8 | dotnet-sdk-aot-10.0 | 0 |
| AlmaLinux:8 | dotnet-runtime-10.0 | 0 |
| AlmaLinux:8 | dotnet-runtime-dbg-10.0 | 0 |
| AlmaLinux:8 | aspnetcore-targeting-pack-10.0 | 0 |
| AlmaLinux:8 | aspnetcore-runtime-10.0 | 0 |
| AlmaLinux:8 | dotnet-sdk-dbg-10.0 | 0 |
| AlmaLinux:8 | dotnet-host | 0 |
| AlmaLinux:8 | dotnet-apphost-pack-10.0 | 0 |
Exploit Intelligence
- seen_cves.json (github-poc)
- seen_cves.json (github-poc)
- seen_cves.json (github-poc)
- CVE-2026-26127.yml (github-poc)
- CVE-2026-26127.yml (github-poc)
- CVE-2026-26127.yml (github-poc)
- osv_test.go (github-poc)
- osv_test.go (github-poc)
- osv_test.go (github-poc)
- source1.c (github-poc)
…and 2 more exploits
Timeline
- Mar 12, 2026 CVE Published
- Apr 18, 2026 Distribution Patch
- Apr 18, 2026 Distribution Patch
- Apr 18, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2026:4458 advisory
- https://access.redhat.com/security/cve/CVE-2026-26127 report
- https://access.redhat.com/security/cve/CVE-2026-26130 report
- https://bugzilla.redhat.com/2446098 report
- https://bugzilla.redhat.com/2446134 report
- https://errata.almalinux.org/8/ALSA-2026-4458.html advisory