Microsoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that could allow an attacker to escalate privileges.
The vulnerability, tracked as CVE-2026-40372, carries a CVSS score of 9.1 out of 10.0. It's rated Important in severity. An anonymous researcher has been credited with discovering and reporting the flaw.
"Improper verification of cryptographic



Source: TheHackerNews
Source Link: https://thehackernews.com/2026/04/microsoft-patches-critical-aspnet-core.html