Windows IIS .NET Framework: Denial of Service via Network

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.5

Windows IIS .NET Framework: Denial of Service via Network

CVE-2026-23666

Summary

An issue in Windows IIS using the .NET Framework can cause a denial of service (DoS) if an attacker exploits it. This affects web servers running IIS with the .NET Framework, and if not addressed, could lead to website downtime. Update your .NET Framework and IIS to the latest versions to protect your system.

Original title

Concurrent execution using shared resource with improper synchronization ('race condition') in .NET Framework allows an unauthorized attacker to deny service over a network.

Original description

Concurrent execution using shared resource with improper synchronization ('race condition') in .NET Framework allows an unauthorized attacker to deny service over a network.

nvd CVSS3.1 7.5

Vulnerability type

CWE-755

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23666

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026