Known Vulnerabilities for System.net.security by Microsoft

Listed below are 3 of the newest known vulnerabilities associated with "System.net.security" by "Microsoft".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2026-56251 json	Capgo before 12.128.2 contains a broken row level security policy in the org_users table that allows authenticated users to e...	Not Provided	2026-06-21	2026-06-22
CVE-2026-55743 json	The shell tool command allowlist in the SecurityPolicy of OpenHuman desktop agent through 0.54.0 (default Supervised security...	Not Provided	2026-06-17	2026-06-17
CVE-2026-55741 json	Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable to Cross-Site Request Forgery in the administration configuratio...	Not Provided	2026-06-18	2026-06-18
CVE-2026-54759 json	SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, Lute's HTML sanitizer does not remove ... </td> <td><span class="label label-info">Not Provided</span> </td> <td>2026-06-24 </td> <td>2026-06-25 </td> </tr> <tr> <td> <a href="../../CVE-2026-54070" title="CVE-2026-54070">CVE-2026-54070</a> <small><a href="/api/cve/CVE-2026-54070.json">json</a></small> </td> <td>SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, renderPackageREADME in kernel/bazaar/readme.go... </td> <td><span class="label label-info">Not Provided</span> </td> <td>2026-06-24 </td> <td>2026-06-26 </td> </tr> <tr> <td> <a href="../../CVE-2026-53476" title="CVE-2026-53476">CVE-2026-53476</a> <small><a href="/api/cve/CVE-2026-53476.json">json</a></small> </td> <td>A flaw was found in assisted-migration-agent. An unauthenticated attacker, located on the same local area network (LAN), can ... </td> <td><span class="label label-info">Not Provided</span> </td> <td>2026-06-10 </td> <td>2026-06-10 </td> </tr> <tr> <td> <a href="../../CVE-2026-49494" title="CVE-2026-49494">CVE-2026-49494</a> <small><a href="/api/cve/CVE-2026-49494.json">json</a></small> </td> <td>Xcitium Client Security (XCS) before 13.8.2.10019 and Comodo Internet Security (CIS) through 12.3.4.8162 (fix expected by 202... </td> <td><span class="label label-info">Not Provided</span> </td> <td>2026-06-07 </td> <td>2026-06-23 </td> </tr> <tr> <td> <a href="../../CVE-2026-48827" title="CVE-2026-48827">CVE-2026-48827</a> <small><a href="/api/cve/CVE-2026-48827.json">json</a></small> </td> <td>Path traversal vulnerability in Apache MINA SSHD bundle sshd-git. Lack of path validation in git-upload-pack, git-receive-pac... </td> <td><span class="label label-info">Not Provided</span> </td> <td>2026-06-01 </td> <td>2026-06-01 </td> </tr> <tr> <td> <a href="../../CVE-2026-48787" title="CVE-2026-48787">CVE-2026-48787</a> <small><a href="/api/cve/CVE-2026-48787.json">json</a></small> </td> <td>gin-vue-admin is an AI-assisted basic development platform. In version 2.9.1, an authenticated attacker with access to the co... </td> <td><span class="label label-info">Not Provided</span> </td> <td>2026-06-19 </td> <td>2026-06-22 </td> </tr> <tr> <td> <a href="../../CVE-2026-46668" title="CVE-2026-46668">CVE-2026-46668</a> <small><a href="/api/cve/CVE-2026-46668.json">json</a></small> </td> <td>SpiceDB is an open source database system for creating and managing security-critical application permissions. From version 1... </td> <td><span class="label label-info">Not Provided</span> </td> <td>2026-06-10 </td> <td>2026-06-10 </td> </tr> </table><div class="panel-footer">Results limited to 10 most recent vulnerabilities</div> </div> <div class="panel panel-primary"> <div class="panel-heading"> <h3 class="panel-title">Known Affected Configurations (CPE V2.3)</h3> </div> <table class="table"> <tr> <th>Type</th> <th>Vendor</th> <th>Product</th> <th>Version</th> <th>Update</th> <th>Edition</th> <th>Language</th> </tr> <tr><td>Application</td><td><a href="../../vendor/microsoft" title="Microsoft">Microsoft</a></td><td>System.net.security</td><td>4.3.0</td><td></td><td></td><td></td> </tr> <tr><td>Application</td><td><a href="../../vendor/microsoft" title="Microsoft">Microsoft</a></td><td>System.net.security</td><td>4.0.0</td><td></td><td></td><td></td> </tr> </table> </div></div> <div class="container"> <footer class="footer"> © <a href="https://cve.report/">CVE.report</a> 2026 \| <p>Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.</p> <p>CVE, CWE, and OVAL are registred trademarks of <a href ="https://uspto.report/company/Mitre-Corp">The MITRE Corporation</a> and the authoritative source of CVE content is <a href="https://cve.report/mitre">MITRE's CVE web site</a>. This site includes MITRE data granted under the following <a href="/mitre_license.txt">license</a>.</p> <p><b>Free CVE JSON API</b> <a href="https://cve.report/api">cve.report/api</a></p> <p><b>CVE.report and Source URL Uptime Status <a href="https://status.cve.report" title="CVE.report Uptime Status"> status.cve.report</a></b></p> </footer> </div> <script> //javascript for top nav search bar function goTicker() { var e = document.getElementById("ticker_lookup"); window.location.href = "https://cve.report/" + encodeURI(e.value.trim()); } function tickerGo(e) { 13 == e.keyCode && goTicker(), (document.getElementById("gobutton").style.display = "block"); } </script> <script> if ("serviceWorker" in navigator) { window.addEventListener("load", function () { navigator.serviceWorker.register("/sw.js?v=1780559583").catch(function () {}); }); } </script> </main> </body> </html>