Bug 2446134 (CVE-2026-26130) - CVE-2026-26130 asp.net: ASP.NET Core: Denial of Service via uncontrolled resource allocation
Summary: CVE-2026-26130 asp.net: ASP.NET Core: Denial of Service via uncontrolled reso...
Keywords:
Status: NEW
Alias: CVE-2026-26130
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2446423 2446424 2446425 2446426 2446427 2446428 2446441 2446442 2446443
Blocks:
TreeView+ depends on / blocked
 
Reported: 2026-03-10 18:04 UTC by OSIDB Bzimport
Modified: 2026-03-12 15:27 UTC (History)
0 users

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2026:4443 0 None None None 2026-03-12 09:39:58 UTC
Red Hat Product Errata RHSA-2026:4445 0 None None None 2026-03-12 15:23:56 UTC
Red Hat Product Errata RHSA-2026:4450 0 None None None 2026-03-12 09:16:56 UTC
Red Hat Product Errata RHSA-2026:4451 0 None None None 2026-03-12 09:27:12 UTC
Red Hat Product Errata RHSA-2026:4453 0 None None None 2026-03-12 09:25:43 UTC
Red Hat Product Errata RHSA-2026:4454 0 None None None 2026-03-12 15:16:56 UTC
Red Hat Product Errata RHSA-2026:4455 0 None None None 2026-03-12 10:16:18 UTC
Red Hat Product Errata RHSA-2026:4456 0 None None None 2026-03-12 15:27:03 UTC
Red Hat Product Errata RHSA-2026:4458 0 None None None 2026-03-12 10:19:19 UTC

Description OSIDB Bzimport 2026-03-10 18:04:56 UTC 
Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.
Comment 3 errata-xmlrpc 2026-03-12 09:16:55 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2026:4450 https://access.redhat.com/errata/RHSA-2026:4450
Comment 4 errata-xmlrpc 2026-03-12 09:25:41 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2026:4453 https://access.redhat.com/errata/RHSA-2026:4453
Comment 5 errata-xmlrpc 2026-03-12 09:27:11 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2026:4451 https://access.redhat.com/errata/RHSA-2026:4451
Comment 6 errata-xmlrpc 2026-03-12 09:39:57 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2026:4443 https://access.redhat.com/errata/RHSA-2026:4443
Comment 7 errata-xmlrpc 2026-03-12 10:16:17 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2026:4455 https://access.redhat.com/errata/RHSA-2026:4455
Comment 8 errata-xmlrpc 2026-03-12 10:19:18 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2026:4458 https://access.redhat.com/errata/RHSA-2026:4458
Comment 9 errata-xmlrpc 2026-03-12 15:16:55 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2026:4454 https://access.redhat.com/errata/RHSA-2026:4454
Comment 10 errata-xmlrpc 2026-03-12 15:23:54 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2026:4445 https://access.redhat.com/errata/RHSA-2026:4445
Comment 11 errata-xmlrpc 2026-03-12 15:27:02 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2026:4456 https://access.redhat.com/errata/RHSA-2026:4456
Note You need to log in before you can comment on or make changes to this bug.