{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/cpes/cpe2.3amicrosoft.net_framework4.7.2/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":["cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*","cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*","cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*","cpe:2.3:a:microsoft:.net_framework:4.8.1:*:*:*:*:*:*:*"],"_cs_cves":[{"cvss":5.9,"id":"CVE-2026-32226"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":[".NET Framework"],"_cs_severities":["medium"],"_cs_tags":["dotnet","dos","cve"],"_cs_type":"advisory","_cs_vendors":["Microsoft"],"content_html":"\u003cp\u003eCVE-2026-32226 is a denial-of-service vulnerability affecting the .NET Framework. The vulnerability could allow a remote attacker to cause a denial-of-service condition on a target system running a vulnerable version of the .NET Framework. Microsoft has released security updates to address this vulnerability. Defenders should apply these updates to mitigate the risk.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker crafts a malicious input specifically designed to exploit a weakness in the .NET Framework\u0026rsquo;s parsing or processing of data.\u003c/li\u003e\n\u003cli\u003eThe attacker sends this malicious input to a .NET Framework application, potentially via a network request or file upload.\u003c/li\u003e\n\u003cli\u003eThe vulnerable .NET Framework component attempts to process the malicious input.\u003c/li\u003e\n\u003cli\u003eDue to the flaw, the .NET Framework component enters an infinite loop or consumes excessive resources.\u003c/li\u003e\n\u003cli\u003eThe excessive resource consumption leads to a slowdown or complete halt of the .NET Framework application.\u003c/li\u003e\n\u003cli\u003eOther applications relying on the .NET Framework may also be affected, leading to a system-wide degradation of performance.\u003c/li\u003e\n\u003cli\u003eLegitimate users are unable to access the .NET Framework application or related services.\u003c/li\u003e\n\u003cli\u003eThe denial-of-service condition persists until the vulnerable application or the entire system is restarted or patched.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-32226 could result in a denial-of-service condition, rendering the affected .NET Framework application and related services unavailable. This could lead to business disruption and data loss, depending on the criticality of the affected application. The number of victims will depend on the exposure of the vulnerable .NET Framework application.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply the latest security updates for .NET Framework from Microsoft to patch CVE-2026-32226.\u003c/li\u003e\n\u003cli\u003eMonitor systems for unusual resource consumption by .NET Framework applications (reference the rule detecting high CPU usage).\u003c/li\u003e\n\u003cli\u003eReview and harden input validation mechanisms for .NET Framework applications to prevent malicious input from reaching vulnerable components.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule detecting .NET process crash events and tune for your environment.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-11T16:06:33Z","date_published":"2026-05-11T16:06:33Z","id":"https://feed.craftedsignal.io/briefs/2026-05-dotnet-dos/","summary":"CVE-2026-32226 is a denial of service vulnerability in the .NET Framework that can be mitigated by applying the latest security update.","title":"CVE-2026-32226 .NET Framework Denial of Service Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-05-dotnet-dos/"}],"language":"en","title":"CraftedSignal Threat Feed — Cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*","version":"https://jsonfeed.org/version/1.1"}