Web Scouter
Back to News
Security NewsCriticalIncidentvulnerability

Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug

UnknownApr 22, 2026(1 day ago)

Microsoft patched a critical privilege escalation vulnerability in ASP.NET Core, tracked as CVE-2026-40372.

Microsoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that could allow an attacker to escalate privileges. The vulnerability, tracked as CVE-2026-40372, carries a CVSS score of 9.1 out of 10.0. It's rated Important in severity. An anonymous researcher has been credited with discovering and reporting the flaw. "Improper verification of cryptographic

Related CVEs
CVE-2026-40372
Potentially Affected Vendors
Microsoft Azure

Vendors are matched automatically based on AI analysis. Verify with official sources.

Related News

Data centre projects in Australia—the race to prioritisation, accelerating AI workloads

Unknown35 minutes ago

How Casinos Should Prepare for FinCEN’s 2026 AML/CFT Overhaul

Unknown38 minutes ago

[Video] The Labor Law Insider: Momentum Shift from Union Friendly Continues at NLRB, Part 2

Unknown39 minutes ago

Get Personalized Alerts

Track vendors and receive alerts when security incidents affect your supply chain.

What We Monitor

Security Incidents

Data breaches, ransomware, and unauthorized access

Vulnerabilities

CVEs and vendor security advisories

Compliance Updates

Regulatory changes and certification news

Legal News

Privacy laws and enforcement actions

Vendor Directory

Browse our directory of SaaS vendors with security documentation and compliance information.