CVE-2025-7326

Summary

Weak authentication in EOLASP.NET Core allows an unauthorized attacker to elevate privileges over a network. This issue affects ASP.NET Core versions 6.0.0-preview.1.21103.6 through 6.0.36 and Microsoft.AspNetCore.Identity versions through 2.3.0. NOTE: This CVE affects only End Of Life (EOL) software components. The vendor, Microsoft, has indicated there will be no future updates nor support provided upon inquiry.