{"api_version":"1","generated_at":"2026-06-22T19:29:57+00:00","cve":"CVE-2026-32177","urls":{"html":"https://cve.report/CVE-2026-32177","api":"https://cve.report/api/cve/CVE-2026-32177.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-32177","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-32177"},"summary":{"title":".NET Elevation of Privilege Vulnerability","description":"Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally.","state":"PUBLISHED","assigner":"microsoft","published_at":"2026-05-12 18:16:58","updated_at":"2026-06-19 17:16:17"},"problem_types":["CWE-20","CWE-122","CWE-787","CWE-122 CWE-122: Heap-based Buffer Overflow","CWE-20 CWE-20: Improper Input Validation"],"metrics":[{"version":"3.1","source":"secure@microsoft.com","type":"Secondary","score":"7.3","severity":"HIGH","vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"}},{"version":"3.1","source":"CNA","type":"CVSS","score":"7.3","severity":"HIGH","vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C","data":{"baseScore":7.3,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C","version":"3.1"}}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32177","name":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32177","refsource":"secure@microsoft.com","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-32177","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32177","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Microsoft","product":".NET 10.0","version":"affected 10.0.0 10.0.8 custom","platforms":[]},{"source":"CNA","vendor":"Microsoft","product":".NET 8.0","version":"affected 8.0.0 8.0.27 custom","platforms":[]},{"source":"CNA","vendor":"Microsoft","product":".NET 9.0","version":"affected 9.0.0 9.0.16 custom","platforms":[]},{"source":"CNA","vendor":"Microsoft","product":"Microsoft .NET Framework 3.5","version":"affected 3.5.0 4.8.9334.0 and 4.8.4802.0 custom","platforms":["Windows Server 2012","Windows Server 2012 R2"]},{"source":"CNA","vendor":"Microsoft","product":"Microsoft .NET Framework 3.5 AND 4.7.2","version":"affected 4.7.0 4.8.9334.0 and 4.8.4802.0 custom","platforms":["Windows 10 Version 1809 for ARM64-based Systems","Windows 10 Version 1809 for x64-based Systems","Windows Server 2019"]},{"source":"CNA","vendor":"Microsoft","product":"Microsoft .NET Framework 3.5 AND 4.8","version":"affected 4.8.0 4.8.9334.0 and 4.8.4802.0 custom","platforms":["Windows 10 Version 1809 for ARM64-based Systems","Windows 10 Version 1809 for x64-based Systems","Windows 10 Version 21H2 for x64-based Systems","Windows 10 Version 22H2 for ARM64-based Systems","Windows 10 Version 22H2 for x64-based Systems","Windows Server 2019","Windows Server 2022"]},{"source":"CNA","vendor":"Microsoft","product":"Microsoft .NET Framework 3.5 AND 4.8.1","version":"affected 4.8.1 4.8.9334.0 and 4.8.4802.0 custom","platforms":["Windows 10 Version 21H2 for ARM64-based Systems","Windows 10 Version 22H2 for ARM64-based Systems","Windows 10 Version 22H2 for x64-based Systems","Windows 11 Version 23H2 for x64-based Systems","Windows 11 Version 24H2 for ARM64-based Systems","Windows 11 Version 24H2 for x64-based Systems","Windows 11 Version 25H2 for ARM64-based Systems","Windows 11 Version 25H2 for x64-based Systems","Windows 11 Version 26H1 for ARM64-based Systems","Windows 11 version 26H1 for x64-based Systems","Windows Server 2022","Windows Server 2025"]},{"source":"CNA","vendor":"Microsoft","product":"Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2","version":"affected 4.7.0 4.8.9334.0 and 4.8.4802.0 custom","platforms":["Windows Server 2012","Windows Server 2012 R2"]},{"source":"CNA","vendor":"Microsoft","product":"Microsoft .NET Framework 4.8","version":"affected 4.8.0 4.8.9334.0 and 4.8.4802.0 custom","platforms":["Windows 10 Version 1607 for x64-based Systems","Windows Server 2012","Windows Server 2012 R2","Windows Server 2016"]},{"source":"CNA","vendor":"Microsoft","product":"Microsoft Visual Studio 2022 version 17.12","version":"affected 17.12.0 17.12.20 custom","platforms":[]},{"source":"CNA","vendor":"Microsoft","product":"Microsoft Visual Studio 2022 version 17.14","version":"affected 17.14.0 17.14.32 custom","platforms":[]},{"source":"CNA","vendor":"Microsoft","product":"Microsoft Visual Studio 2026 version 18.5","version":"affected 18.5.0 18.5.3 custom","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2026","cve_id":"32177","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"visual_studio_2022","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"-","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"32177","cve":"CVE-2026-32177","epss":"0.000960000","percentile":"0.262730000","score_date":"2026-05-19","updated_at":"2026-05-20 00:11:24"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2026-32177","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","timestamp":"2026-05-13T03:55:57.172870Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-05-13T10:18:24.511Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"product":".NET 10.0","vendor":"Microsoft","versions":[{"lessThan":"10.0.8","status":"affected","version":"10.0.0","versionType":"custom"}]},{"product":".NET 8.0","vendor":"Microsoft","versions":[{"lessThan":"8.0.27","status":"affected","version":"8.0.0","versionType":"custom"}]},{"product":".NET 9.0","vendor":"Microsoft","versions":[{"lessThan":"9.0.16","status":"affected","version":"9.0.0","versionType":"custom"}]},{"platforms":["Windows Server 2012","Windows Server 2012 R2"],"product":"Microsoft .NET Framework 3.5","vendor":"Microsoft","versions":[{"lessThan":"4.8.9334.0 and 4.8.4802.0","status":"affected","version":"3.5.0","versionType":"custom"}]},{"platforms":["Windows 10 Version 1809 for ARM64-based Systems","Windows 10 Version 1809 for x64-based Systems","Windows Server 2019"],"product":"Microsoft .NET Framework 3.5 AND 4.7.2","vendor":"Microsoft","versions":[{"lessThan":"4.8.9334.0 and 4.8.4802.0","status":"affected","version":"4.7.0","versionType":"custom"}]},{"platforms":["Windows 10 Version 1809 for ARM64-based Systems","Windows 10 Version 1809 for x64-based Systems","Windows 10 Version 21H2 for x64-based Systems","Windows 10 Version 22H2 for ARM64-based Systems","Windows 10 Version 22H2 for x64-based Systems","Windows Server 2019","Windows Server 2022"],"product":"Microsoft .NET Framework 3.5 AND 4.8","vendor":"Microsoft","versions":[{"lessThan":"4.8.9334.0 and 4.8.4802.0","status":"affected","version":"4.8.0","versionType":"custom"}]},{"platforms":["Windows 10 Version 21H2 for ARM64-based Systems","Windows 10 Version 22H2 for ARM64-based Systems","Windows 10 Version 22H2 for x64-based Systems","Windows 11 Version 23H2 for x64-based Systems","Windows 11 Version 24H2 for ARM64-based Systems","Windows 11 Version 24H2 for x64-based Systems","Windows 11 Version 25H2 for ARM64-based Systems","Windows 11 Version 25H2 for x64-based Systems","Windows 11 Version 26H1 for ARM64-based Systems","Windows 11 version 26H1 for x64-based Systems","Windows Server 2022","Windows Server 2025"],"product":"Microsoft .NET Framework 3.5 AND 4.8.1","vendor":"Microsoft","versions":[{"lessThan":"4.8.9334.0 and 4.8.4802.0","status":"affected","version":"4.8.1","versionType":"custom"}]},{"platforms":["Windows Server 2012","Windows Server 2012 R2"],"product":"Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2","vendor":"Microsoft","versions":[{"lessThan":"4.8.9334.0 and 4.8.4802.0","status":"affected","version":"4.7.0","versionType":"custom"}]},{"platforms":["Windows 10 Version 1607 for x64-based Systems","Windows Server 2012","Windows Server 2012 R2","Windows Server 2016"],"product":"Microsoft .NET Framework 4.8","vendor":"Microsoft","versions":[{"lessThan":"4.8.9334.0 and 4.8.4802.0","status":"affected","version":"4.8.0","versionType":"custom"}]},{"product":"Microsoft Visual Studio 2022 version 17.12","vendor":"Microsoft","versions":[{"lessThan":"17.12.20","status":"affected","version":"17.12.0","versionType":"custom"}]},{"product":"Microsoft Visual Studio 2022 version 17.14","vendor":"Microsoft","versions":[{"lessThan":"17.14.32","status":"affected","version":"17.14.0","versionType":"custom"}]},{"product":"Microsoft Visual Studio 2026 version 18.5","vendor":"Microsoft","versions":[{"lessThan":"18.5.3","status":"affected","version":"18.5.0","versionType":"custom"}]}],"cpeApplicability":[{"nodes":[{"cpeMatch":[{"criteria":"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.8","versionStartIncluding":"10.0.0","vulnerable":true},{"criteria":"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*","versionEndExcluding":"8.0.27","versionStartIncluding":"8.0.0","vulnerable":true},{"criteria":"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*","versionEndExcluding":"9.0.16","versionStartIncluding":"9.0.0","vulnerable":true},{"criteria":"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"17.12.20","versionStartIncluding":"17.12.0","vulnerable":true},{"criteria":"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"17.14.32","versionStartIncluding":"17.14.0","vulnerable":true},{"criteria":"cpe:2.3:a:microsoft:visual_studio_2026:*:*:*:*:*:*:*:*","versionEndExcluding":"18.5.3","versionStartIncluding":"18.5.0","vulnerable":true},{"criteria":"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*","versionEndExcluding":"4.8.9334.0 and 4.8.4802.0","versionStartIncluding":"4.8.0","vulnerable":true},{"criteria":"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*","versionEndExcluding":"4.8.9334.0 and 4.8.4802.0","versionStartIncluding":"4.8.0","vulnerable":true},{"criteria":"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*","versionEndExcluding":"4.8.9334.0 and 4.8.4802.0","versionStartIncluding":"4.7.0","vulnerable":true},{"criteria":"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*","versionEndExcluding":"4.8.9334.0 and 4.8.4802.0","versionStartIncluding":"4.7.0","vulnerable":true},{"criteria":"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*","versionEndExcluding":"4.8.9334.0 and 4.8.4802.0","versionStartIncluding":"4.8.1","vulnerable":true},{"criteria":"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*","versionEndExcluding":"4.8.9334.0 and 4.8.4802.0","versionStartIncluding":"3.5.0","vulnerable":true}],"negate":false,"operator":"OR"}]}],"datePublic":"2026-05-12T14:00:00.000Z","descriptions":[{"lang":"en-US","value":"Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally."}],"metrics":[{"cvssV3_1":{"baseScore":7.3,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en-US","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-122","description":"CWE-122: Heap-based Buffer Overflow","lang":"en-US","type":"CWE"},{"cweId":"CWE-20","description":"CWE-20: Improper Input Validation","lang":"en-US","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-06-19T16:13:23.878Z","orgId":"f38d906d-7342-40ea-92c1-6c4a2c6478c8","shortName":"microsoft"},"references":[{"name":".NET Elevation of Privilege Vulnerability","tags":["vendor-advisory","patch"],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32177"}],"title":".NET Elevation of Privilege Vulnerability"}},"cveMetadata":{"assignerOrgId":"f38d906d-7342-40ea-92c1-6c4a2c6478c8","assignerShortName":"microsoft","cveId":"CVE-2026-32177","datePublished":"2026-05-12T16:58:15.551Z","dateReserved":"2026-03-11T00:26:53.425Z","dateUpdated":"2026-06-19T16:13:23.878Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-05-12 18:16:58","lastModifiedDate":"2026-06-19 17:16:17","problem_types":["CWE-20","CWE-122","CWE-787","CWE-122 CWE-122: Heap-based Buffer Overflow","CWE-20 CWE-20: Improper Input Validation"],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":5.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T03:55:57.172870Z","id":"CVE-2026-32177","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:-:*:*","versionStartIncluding":"17.12.0","versionEndExcluding":"17.12.20","matchCriteriaId":"AE827408-88C9-43F3-9CFF-CC0F87888D41"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:-:*:*","versionStartIncluding":"17.14.0","versionEndExcluding":"17.14.32","matchCriteriaId":"671F44D1-2ADA-426F-852C-7157F47B1303"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:visual_studio_2026:*:*:*:*:*:*:*:*","versionStartIncluding":"18.5.0","versionEndExcluding":"18.5.3","matchCriteriaId":"6538F8A2-3412-4A67-98DC-CD3A7BC4117E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*","matchCriteriaId":"2D3F18AF-84ED-473B-A8DF-65EB23C475AF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*","matchCriteriaId":"5E491E46-1917-41FE-8F9A-BB0BDDEB42C3"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*","matchCriteriaId":"041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*","matchCriteriaId":"A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*","matchCriteriaId":"734112B3-1383-4BE3-8721-C0F84566B764"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*","matchCriteriaId":"36B0E40A-84EF-4099-A395-75D6B8CDA196"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*","matchCriteriaId":"3EF7A75E-EE27-4AA7-8D84-9D696728A4CE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*","matchCriteriaId":"E039CE1F-B988-4741-AE2E-5B36E2AF9688"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:.net_framework:4.8.1:*:*:*:*:*:*:*","matchCriteriaId":"934D4E46-12C1-41DC-A28C-A2C430E965E4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:arm64:*","matchCriteriaId":"8FC46499-DB6E-48BF-9334-85EE27AFE7AF"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:arm64:*","matchCriteriaId":"A9D54EE6-30AF-411C-A285-A4DCB6C6EC06"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x64:*","matchCriteriaId":"C230D3BF-7FCE-405C-B62E-B9190C995C3C"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:x64:*","matchCriteriaId":"D5EC3F68-8F41-4F6B-B2E5-920322A4A321"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:-:*:*:*:*:*:x64:*","matchCriteriaId":"8E3C1327-F331-4448-A253-00EAC7428317"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:-:*:*:*:*:*:arm64:*","matchCriteriaId":"08EE1F3A-A8DE-4867-BB5B-8A8ED867F3CA"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:-:*:*:*:*:*:x64:*","matchCriteriaId":"B1670829-6A8C-4688-B7A5-3DFB878A4861"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:-:*:*:*:*:*:arm64:*","matchCriteriaId":"024EE6EC-6D62-4EAC-B1EF-A5E4EAD439A1"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:-:*:*:*:*:*:x64:*","matchCriteriaId":"25D142AB-B61D-43F3-B7E6-DB9140EFEF75"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:-:*:*:*:*:*:arm64:*","matchCriteriaId":"CBFE0371-0C4D-406A-9EC7-456104271C3E"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:-:*:*:*:*:*:x64:*","matchCriteriaId":"F2B83840-FCE8-445A-AE55-ACEDA6534FA1"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*","matchCriteriaId":"821614DD-37DD-44E2-A8A4-FE8D23A33C3C"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:-:*:*:*:*:*:x64:*","matchCriteriaId":"FE97605F-7942-435A-9F5B-D51FA19A41AD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*","matchCriteriaId":"E039CE1F-B988-4741-AE2E-5B36E2AF9688"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*","matchCriteriaId":"2D3F18AF-84ED-473B-A8DF-65EB23C475AF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:arm64:*","matchCriteriaId":"73D24713-D897-408D-893B-77A61982597D"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*","matchCriteriaId":"306B7CE6-8239-4AED-9ED4-4C9F5B349F58"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x64:*","matchCriteriaId":"83A79DD6-E74E-419F-93F1-323B68502633"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:arm64:*","matchCriteriaId":"A9D54EE6-30AF-411C-A285-A4DCB6C6EC06"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x64:*","matchCriteriaId":"C230D3BF-7FCE-405C-B62E-B9190C995C3C"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*","matchCriteriaId":"DB79EE26-FC32-417D-A49C-A1A63165A968"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:-:*:*:*:*:*:x64:*","matchCriteriaId":"FE97605F-7942-435A-9F5B-D51FA19A41AD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*","matchCriteriaId":"E039CE1F-B988-4741-AE2E-5B36E2AF9688"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0","versionEndExcluding":"8.0.27","matchCriteriaId":"22FEE1A6-0E92-4E1A-B3C0-AD8DF6EE7B7B"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*","versionStartIncluding":"9.0.0","versionEndExcluding":"9.0.16","matchCriteriaId":"1F144BCB-8CEA-451A-9048-2A706EA67262"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*","versionStartIncluding":"10.0.0","versionEndExcluding":"10.0.8","matchCriteriaId":"480D562B-C22F-4227-B1F2-1DFA7E239DC7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"32177","Ordinal":"1","Title":".NET Elevation of Privilege Vulnerability","CVE":"CVE-2026-32177","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"32177","Ordinal":"1","NoteData":"Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally.","Type":"Description","Title":".NET Elevation of Privilege Vulnerability"}]}}}