Detections
Analytics
Security Updates for Microsoft .NET Framework (May 2026)
high Nessus Plugin ID 314930
Synopsis
The Microsoft .NET Framework installation on the remote host is affected by an other vulnerability.Description
The Microsoft .NET Framework installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability:- Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally.
(CVE-2026-32177)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Microsoft has released the following security updates to address this issue:-KB5087048
-KB5087049
-KB5087051
-KB5087053
-KB5087054
-KB5087055
-KB5087058
-KB5087059
-KB5087061
-KB5087062
-KB5087063
-KB5087064
-KB5087065
-KB5087066
-KB5087067
-KB5087068
-KB5087069
See Also
https://support.microsoft.com/help/5087048
https://support.microsoft.com/help/5087049
https://support.microsoft.com/help/5087051
https://support.microsoft.com/help/5087053
https://support.microsoft.com/help/5087054
https://support.microsoft.com/help/5087055
https://support.microsoft.com/help/5087058
https://support.microsoft.com/help/5087059
https://support.microsoft.com/help/5087061
https://support.microsoft.com/help/5087062
https://support.microsoft.com/help/5087063
https://support.microsoft.com/help/5087064
https://support.microsoft.com/help/5087065
https://support.microsoft.com/help/5087066
https://support.microsoft.com/help/5087067
Plugin Details
Severity: High
ID: 314930
File Name: smb_nt_ms26_may_dotnet.nasl
Version: 1.1
Type: Local
Agent: windows
Family: Windows : Microsoft Bulletins
Published: 5/15/2026
Updated: 5/15/2026
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.3
CVSS v2
Risk Factor: High
Base Score: 9
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:P
CVSS Score Source: CVE-2026-32177
CVSS v3
Risk Factor: High
Base Score: 7.3
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L
Vulnerability Information
CPE: cpe:/a:microsoft:.net_framework
Required KB Items: SMB/MS_Bulletin_Checks/Possible
Patch Publication Date: 5/12/2026
Vulnerability Publication Date: 5/12/2026
Reference Information
CVE: CVE-2026-32177
IAVA: 2026-A-0474
MSFT: MS26-5087048, MS26-5087049, MS26-5087051, MS26-5087053, MS26-5087054, MS26-5087055, MS26-5087058, MS26-5087059, MS26-5087061, MS26-5087062, MS26-5087063, MS26-5087064, MS26-5087065, MS26-5087066, MS26-5087067, MS26-5087068, MS26-5087069
MSKB: 5087048, 5087049, 5087051, 5087053, 5087054, 5087055, 5087058, 5087059, 5087061, 5087062, 5087063, 5087064, 5087065, 5087066, 5087067, 5087068, 5087069