Description
Deserialization of untrusted data in .NET allows an unauthorized attacker to execute code locally.
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
Tue, 14 Jul 2026 19:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Deserialization of untrusted data in .NET allows an unauthorized attacker to execute code locally. | |
| Title | .NET Remote Code Execution Vulnerability | |
| First Time appeared |
Microsoft
Microsoft .net Microsoft visual Studio 2022 Microsoft visual Studio 2026 |
|
| Weaknesses | CWE-502 | |
| CPEs | cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:* cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:* cpe:2.3:a:microsoft:visual_studio_2026:*:*:*:*:*:*:*:* |
|
| Vendors & Products |
Microsoft
Microsoft .net Microsoft visual Studio 2022 Microsoft visual Studio 2026 |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: microsoft
Published:
Updated: 2026-07-14T19:40:12.699Z
Reserved: 2026-06-05T14:33:50.830Z
Link: CVE-2026-50649
No data.
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses