Dotnet

Multiple vulnerabilities, CVE-2026-45491 and CVE-2026-45591, have been discovered in Microsoft .Net and ASP.NET Core versions, allowing a remote attacker to cause a denial of service and compromise data integrity across Windows, Linux, and macOS platforms.

A tampering vulnerability exists in .NET 8.0, .NET 9.0, and .NET 10.0 due to improper handling of specially crafted files, potentially allowing an attacker to write arbitrary files and directories to specific locations on a vulnerable system with limited control over the destination.

The Gremlin stealer malware has evolved with advanced obfuscation techniques, crypto clipping, and session hijacking capabilities to steal sensitive information from compromised systems.

CVE-2026-32226 is a denial of service vulnerability in the .NET Framework that can be mitigated by applying the latest security update.

Multiple defense-in-depth gaps exist in Meridian versions prior to 2.1.1, including high severity issues related to bypassing safety caps on collection mapping that can lead to resource exhaustion, along with medium and low severity issues affecting constructor selection, telemetry, retry mechanisms, and exception handling.

CVE-2026-26171 is a vulnerability in .NET that allows an unauthorized attacker to perform a denial-of-service attack over a network due to uncontrolled resource consumption.

CVE-2026-32178 is a vulnerability in .NET that allows for network spoofing due to improper neutralization of special elements, potentially enabling attackers to impersonate legitimate entities.

Tmds.DBus and Tmds.DBus.Protocol are vulnerable to signal spoofing, resource exhaustion, and application crashes due to malformed messages from malicious D-Bus peers on the same bus.

This analytic detects PowerShell scripts leveraging .NET reflection to load assemblies into memory, a technique commonly used by threat actors to bypass defenses and execute malicious code.