Shodan
Vulnerabilities
Vulnerable Software
Microsoft:  >> Visual Studio 2022  >> 17.12.8  Security Vulnerabilities
CVE-2026-32175
A tampering vulnerability exists when .NET Core improperly handles specially crafted files. An attacker who successfully exploited this vulnerability could write arbitrary files and directories to certain locations on a vulnerable system. However, an attacker would have limited control over the destination of the files and directories. To exploit the vulnerability, an attacker must send a specially crafted file to a vulnerable system. The security update fixes the vulnerability by ensuring .NET Core properly handles files.
CVSS Score
4.3
EPSS Score
0.007
Published
2026-05-12
CVE-2026-32177
Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally.
CVSS Score
7.3
EPSS Score
0.004
Published
2026-05-12
CVE-2026-32203
Stack-based buffer overflow in .NET and Visual Studio allows an unauthorized attacker to deny service over a network.
CVSS Score
7.5
EPSS Score
0.008
Published
2026-04-14
CVE-2026-32178
Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network.
CVSS Score
7.5
EPSS Score
0.011
Published
2026-04-14
CVE-2025-55240
Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.
CVSS Score
7.3
EPSS Score
0.003
Published
2025-10-14
CVE-2025-55248
Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network.
CVSS Score
4.8
EPSS Score
0.007
Published
2025-10-14
CVE-2025-49739
Improper link resolution before file access ('link following') in Visual Studio allows an unauthorized attacker to elevate privileges over a network.
CVSS Score
8.8
EPSS Score
0.008
Published
2025-07-08
CVE-2025-47959
Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code over a network.
CVSS Score
7.1
EPSS Score
0.054
Published
2025-06-13
CVE-2025-30399
Untrusted search path in .NET and Visual Studio allows an unauthorized attacker to execute code over a network.
CVSS Score
7.5
EPSS Score
0.009
Published
2025-06-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved