{"url":"http://public2.vulnerablecode.io/api/packages/84523?format=json","purl":"pkg:nuget/Microsoft.NetCore.App.Runtime.osx-x64@10.0.4","type":"nuget","namespace":"","name":"Microsoft.NetCore.App.Runtime.osx-x64","version":"10.0.4","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/23236?format=json","vulnerability_id":"VCID-avv6-ba2c-ayeq","summary":".NET Denial of Service Vulnerability\nMicrosoft is releasing this security advisory to provide information about a vulnerability in .NET 9.0 and .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.\n\nA denial of service vulnerability exists in .NET and Microsoft.Bcl.Memory due to an out-of-bounds read when decoding malformed Base64Url input.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-26127","reference_id":"","reference_type":"","scores":[{"value":"0.001","scoring_system":"epss","scoring_elements":"0.27341","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-26127"},{"reference_url":"https://github.com/dotnet/runtime","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/dotnet/runtime"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26127","reference_id":"CVE-2026-26127","reference_type":"","scores":[],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26127"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-26127","reference_id":"CVE-2026-26127","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-26127"},{"reference_url":"https://github.com/advisories/GHSA-73j8-2gch-69rq","reference_id":"GHSA-73j8-2gch-69rq","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-73j8-2gch-69rq"},{"reference_url":"https://github.com/dotnet/runtime/security/advisories/GHSA-73j8-2gch-69rq","reference_id":"GHSA-73j8-2gch-69rq","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/dotnet/runtime/security/advisories/GHSA-73j8-2gch-69rq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84497?format=json","purl":"pkg:nuget/Microsoft.NetCore.App.Runtime.osx-x64@9.0.14","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NetCore.App.Runtime.osx-x64@9.0.14"},{"url":"http://public2.vulnerablecode.io/api/packages/84523?format=json","purl":"pkg:nuget/Microsoft.NetCore.App.Runtime.osx-x64@10.0.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NetCore.App.Runtime.osx-x64@10.0.4"}],"aliases":["CVE-2026-26127","GHSA-73j8-2gch-69rq"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-avv6-ba2c-ayeq"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NetCore.App.Runtime.osx-x64@10.0.4"}