{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-35433", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "state": "PUBLISHED", "assignerShortName": "microsoft", "dateReserved": "2026-04-02T19:21:11.804Z", "datePublished": "2026-05-12T16:58:34.612Z", "dateUpdated": "2026-05-26T16:56:12.667Z"}, "containers": {"cna": {"title": ".NET Elevation of Privilege Vulnerability", "datePublic": "2026-05-12T14:00:00.000Z", "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionStartIncluding": "10.0.0", "versionEndExcluding": "10.0.8"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionStartIncluding": "8.0.0", "versionEndExcluding": "8.0.27"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionStartIncluding": "9.0.0", "versionEndExcluding": "9.0.16"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.8.0", "versionEndExcluding": "4.8.9334.0 and 4.8.4802.0"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.8.0", "versionEndExcluding": "4.8.9334.0 and 4.8.4802.0"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.7.0", "versionEndExcluding": "4.8.9334.0 and 4.8.4802.0"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.8.1", "versionEndExcluding": "4.8.9334.0 and 4.8.4802.0"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.5.0", "versionEndExcluding": "4.8.9334.0 and 4.8.4802.0"}]}]}], "affected": [{"vendor": "Microsoft", "product": ".NET 10.0", "versions": [{"version": "10.0.0", "lessThan": "10.0.8", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": ".NET 8.0", "versions": [{"version": "8.0.0", "lessThan": "8.0.27", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": ".NET 9.0", "versions": [{"version": "9.0.0", "lessThan": "9.0.16", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft .NET Framework 3.5", "platforms": ["Windows Server 2012", "Windows Server 2012 R2"], "versions": [{"version": "3.5.0", "lessThan": "4.8.9334.0 and 4.8.4802.0", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "platforms": ["Windows 10 Version 1809 for ARM64-based Systems", "Windows 10 Version 1809 for x64-based Systems"], "versions": [{"version": "4.7.0", "lessThan": "4.8.9334.0 and 4.8.4802.0", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft .NET Framework 3.5 AND 4.8", "platforms": ["Windows 10 Version 1809 for ARM64-based Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows Server 2022"], "versions": [{"version": "4.8.0", "lessThan": "4.8.9334.0 and 4.8.4802.0", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "platforms": ["Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 11 Version 22H2 for ARM64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 11 Version 23H2 for ARM64-based Systems", "Windows 11 Version 23H2 for x64-based Systems", "Windows 11 Version 24H2 for ARM64-based Systems", "Windows 11 Version 24H2 for x64-based Systems", "Windows 11 Version 25H2 for ARM64-based Systems", "Windows 11 Version 25H2 for x64-based Systems", "Windows 11 Version 26H1 for ARM64-based Systems", "Windows 11 Version 26H1 for x64-based Systems", "Windows 11 version 26H1 for x64-based Systems", "Windows Server 2022", "Windows Server 2025"], "versions": [{"version": "4.8.1", "lessThan": "4.8.9334.0 and 4.8.4802.0", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft .NET Framework 4.8", "platforms": ["Windows 10 Version 1607 for x64-based Systems", "Windows Server 2012", "Windows Server 2012 R2", "Windows Server 2016"], "versions": [{"version": "4.8.0", "lessThan": "4.8.9334.0 and 4.8.4802.0", "versionType": "custom", "status": "affected"}]}], "descriptions": [{"value": "Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally.", "lang": "en-US"}], "problemTypes": [{"descriptions": [{"description": "CWE-20: Improper Input Validation", "lang": "en-US", "type": "CWE", "cweId": "CWE-20"}, {"description": "CWE-190: Integer Overflow or Wraparound", "lang": "en-US", "type": "CWE", "cweId": "CWE-190"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-05-26T16:56:12.667Z"}, "references": [{"name": ".NET Elevation of Privilege Vulnerability", "tags": ["vendor-advisory", "patch"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-35433"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseSeverity": "HIGH", "baseScore": 7.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C"}}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-05-13T03:55:58.313299Z", "id": "CVE-2026-35433", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-19T16:49:09.046Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-35433", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-05-13T03:55:58.313299Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-13T10:01:42.300Z"}}], "cna": {"title": ".NET Elevation of Privilege Vulnerability", "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"vendor": "Microsoft", "product": ".NET 10.0", "versions": [{"status": "affected", "version": "10.0.0", "lessThan": "10.0.8", "versionType": "custom"}]}, {"vendor": "Microsoft", "product": ".NET 8.0", "versions": [{"status": "affected", "version": "8.0.0", "lessThan": "8.0.27", "versionType": "custom"}]}, {"vendor": "Microsoft", "product": ".NET 9.0", "versions": [{"status": "affected", "version": "9.0.0", "lessThan": "9.0.16", "versionType": "custom"}]}, {"vendor": "Microsoft", "product": "Microsoft .NET Framework 3.5", "versions": [{"status": "affected", "version": "3.5.0", "lessThan": "4.8.9334.0 and 4.8.4802.0", "versionType": "custom"}], "platforms": ["Windows Server 2012", "Windows Server 2012 R2"]}, {"vendor": "Microsoft", "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "versions": [{"status": "affected", "version": "4.7.0", "lessThan": "4.8.9334.0 and 4.8.4802.0", "versionType": "custom"}], "platforms": ["Windows 10 Version 1809 for ARM64-based Systems", "Windows 10 Version 1809 for x64-based Systems"]}, {"vendor": "Microsoft", "product": "Microsoft .NET Framework 3.5 AND 4.8", "versions": [{"status": "affected", "version": "4.8.0", "lessThan": "4.8.9334.0 and 4.8.4802.0", "versionType": "custom"}], "platforms": ["Windows 10 Version 1809 for ARM64-based Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows Server 2022"]}, {"vendor": "Microsoft", "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "versions": [{"status": "affected", "version": "4.8.1", "lessThan": "4.8.9334.0 and 4.8.4802.0", "versionType": "custom"}], "platforms": ["Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 11 Version 22H2 for ARM64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 11 Version 23H2 for ARM64-based Systems", "Windows 11 Version 23H2 for x64-based Systems", "Windows 11 Version 24H2 for ARM64-based Systems", "Windows 11 Version 24H2 for x64-based Systems", "Windows 11 Version 25H2 for ARM64-based Systems", "Windows 11 Version 25H2 for x64-based Systems", "Windows 11 Version 26H1 for ARM64-based Systems", "Windows 11 Version 26H1 for x64-based Systems", "Windows 11 version 26H1 for x64-based Systems", "Windows Server 2022", "Windows Server 2025"]}, {"vendor": "Microsoft", "product": "Microsoft .NET Framework 4.8", "versions": [{"status": "affected", "version": "4.8.0", "lessThan": "4.8.9334.0 and 4.8.4802.0", "versionType": "custom"}], "platforms": ["Windows 10 Version 1607 for x64-based Systems", "Windows Server 2012", "Windows Server 2012 R2", "Windows Server 2016"]}], "datePublic": "2026-05-12T14:00:00.000Z", "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-35433", "name": ".NET Elevation of Privilege Vulnerability", "tags": ["vendor-advisory", "patch"]}], "descriptions": [{"lang": "en-US", "value": "Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally."}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation"}, {"lang": "en-US", "type": "CWE", "cweId": "CWE-190", "description": "CWE-190: Integer Overflow or Wraparound"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "10.0.8", "versionStartIncluding": "10.0.0"}, {"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "8.0.27", "versionStartIncluding": "8.0.0"}, {"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "9.0.16", "versionStartIncluding": "9.0.0"}, {"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.8.9334.0 and 4.8.4802.0", "versionStartIncluding": "4.8.0"}, {"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.8.9334.0 and 4.8.4802.0", "versionStartIncluding": "4.8.0"}, {"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.8.9334.0 and 4.8.4802.0", "versionStartIncluding": "4.7.0"}, {"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.8.9334.0 and 4.8.4802.0", "versionStartIncluding": "4.8.1"}, {"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.8.9334.0 and 4.8.4802.0", "versionStartIncluding": "3.5.0"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-05-26T16:56:12.667Z"}}}, "cveMetadata": {"cveId": "CVE-2026-35433", "state": "PUBLISHED", "dateUpdated": "2026-05-26T16:56:12.667Z", "dateReserved": "2026-04-02T19:21:11.804Z", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "datePublished": "2026-05-12T16:58:34.612Z", "assignerShortName": "microsoft"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally."}], "id": "CVE-2026-35433", "lastModified": "2026-05-13T15:34:52.573", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.5, "source": "secure@microsoft.com", "type": "Primary"}]}, "published": "2026-05-12T18:17:13.710", "references": [{"source": "secure@microsoft.com", "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-35433"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}, {"lang": "en", "value": "CWE-190"}], "source": "secure@microsoft.com", "type": "Primary"}]}

{"bugzilla": {"description": "dotnet: .NET: improper input validation allows an attacker to elevate privileges locally", "id": "2476577", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2476577"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.3", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L", "status": "draft"}, "cwe": "CWE-20", "details": ["Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally.", "A flaw was found in dotnet. Improper input validation and an integer overflow in .NET allow an unauthenticated attacker to elevate privileges locally."], "mitigation": {"lang": "en:us", "value": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible."}, "name": "CVE-2026-35433", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Under investigation", "package_name": "dotnet10.0", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Under investigation", "package_name": "dotnet8.0", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Under investigation", "package_name": "dotnet9.0", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Under investigation", "package_name": "dotnet10.0", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Under investigation", "package_name": "dotnet8.0", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Under investigation", "package_name": "dotnet9.0", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Under investigation", "package_name": "dotnet10.0", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Under investigation", "package_name": "dotnet8.0", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Under investigation", "package_name": "dotnet9.0", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:hummingbird:1", "fix_state": "Under investigation", "package_name": "dotnet10.0", "product_name": "Red Hat Hardened Images"}, {"cpe": "cpe:/a:redhat:hummingbird:1", "fix_state": "Under investigation", "package_name": "dotnet8.0", "product_name": "Red Hat Hardened Images"}, {"cpe": "cpe:/a:redhat:hummingbird:1", "fix_state": "Under investigation", "package_name": "dotnet9.0", "product_name": "Red Hat Hardened Images"}], "public_date": "2026-05-12T16:58:34Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-35433\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-35433\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-35433"], "statement": "As this flaw allows an unauthenticated attacker to elevate privileges locally, it has been rated with an important severity.", "threat_severity": "Important"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[10.0.0,10.0.8)"}}], "enrichment": {"confidence": 85.0, "confidence_source": "matching", "scores": [{"score": 85.0, "source": "matching"}]}, "original": {"product": ".NET 10.0", "source": "cna", "vendor": "Microsoft"}, "product": ".net", "vendor": "microsoft"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[8.0.0,8.0.27)"}}], "enrichment": {"confidence": 88.0, "confidence_source": "matching", "scores": [{"score": 88.0, "source": "matching"}]}, "original": {"product": ".NET 8.0", "source": "cna", "vendor": "Microsoft"}, "product": ".net", "vendor": "microsoft"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[9.0.0,9.0.16)"}}], "enrichment": {"confidence": 88.0, "confidence_source": "matching", "scores": [{"score": 88.0, "source": "matching"}]}, "original": {"product": ".NET 9.0", "source": "cna", "vendor": "Microsoft"}, "product": ".net", "vendor": "microsoft"}], "created": "2026-05-12T19:30:23.357404+00:00", "updated": "2026-05-13T10:15:06.064180+00:00", "vendors": ["microsoft", "microsoft$PRODUCT$.net"]}