CVE-2025-26646

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2025-26646

Severity

8.0

High

CVSS V3

Description

External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network.

References

https://images.chainguard.dev/security/CGA-g7hf-r8hj-rrh9
https://github.com/advisories/GHSA-h4j7-5rxr-p4wc
https://images.chainguard.dev/security/CGA-7v77-49hp-78c5
https://images.chainguard.dev/security/CGA-wp93-rqx7-662w
https://images.chainguard.dev/security/CGA-xr48-wrc7-9wmf
https://images.chainguard.dev/security/CGA-6vpm-52q6-4246
https://images.chainguard.dev/security/CGA-c29g-qjrh-ghxj
https://images.chainguard.dev/security/CGA-qwf8-4rrg-989g
https://images.chainguard.dev/security/CGA-49wx-22f2-wmqp
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26646

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

The trusted source for open source

Talk to an expert

Privacy

Terms

CVE-2025-26646

Severity

Description

References

Affected packages

The trusted source for open source

Product

Solutions

Customers

Resources

Company