CSOonline

Critical ASP.NET core vulnerability earns Microsoft’s highest-ever severity score

The Kestrel web server flaw allows request smuggling attacks, but the actual risk depends on the application code and deployment. Microsoft has patched a critical vulnerability in ASP.NET Core that ...
Bleeping Computer

Microsoft fixes highest-severity ASP.NET Core flaw ever

Earlier this week, Microsoft patched a vulnerability that was flagged with the "highest ever" severity rating received by an ASP.NET Core security flaw. This HTTP request smuggling bug (CVE-2025-55315 ...
The Anderson Independent-Mail

Secure Halo Urges Organizations to Act on Critical Microsoft ASP.NET Core Vulnerability

Secure Halo, a cybersecurity services firm based in Silver Spring, Maryland, is urging organizations running applications built on Microsoft’s ASP.NET Core framework to take immediate action following ...
Bleeping Computer

Microsoft now pays up to $40,000 for some .NET vulnerabilities

Microsoft has expanded its .NET bug bounty program and increased rewards to $40,000 for some .NET and ASP.NET Core vulnerabilities. Madeline Eckert, a senior program manager for Researcher Incentives ...
Neowin

Microsoft will now pay you up to $40,000 for reporting vulnerabilities in .NET

Many companies offer bug bounty programs as they encourage people to search for and discover security vulnerabilities in software, and report them privately to the vendor so that a fix can be ...