CVE-2026-33116

high Microsoft
CVSS v3 Base Score
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
EPSS Score
2.1%
Exploitation probability in 30 days
Top 20% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Confidentiality
None
Integrity
None
Availability
High
Published: April 14, 2026 (87 days ago)
Last Modified: June 30, 2026
Vendor: Microsoft
Source: MITRE

Description

Loop with unreachable exit condition ('infinite loop') in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network.

CWE

CWE-835

Affected Products

Microsoft .NET 10.0Microsoft .NET 8.0Microsoft .NET 9.0Microsoft Microsoft .NET Framework 3.5Microsoft Microsoft .NET Framework 3.5 AND 4.7.2Microsoft Microsoft .NET Framework 3.5 AND 4.8Microsoft Microsoft .NET Framework 3.5 AND 4.8.1Microsoft Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2Microsoft Microsoft .NET Framework 4.8

References