CVE-2026-50528 is an incorrect authorization vulnerability in Microsoft .NET that allows an unauthorized attacker to bypass an authentication-related security feature over a network. The issue affects multiple supported .NET release lines and corresponding Visual Studio distributions that bundle the vulnerable runtime. Microsoft classifies the flaw as a security feature bypass caused by improper authorization handling, enabling remote exploitation without prior authentication or user interaction. Available weakness mappings include CWE-302, CWE-636, and CWE-863; based on the published description, the most fitting classification is CWE-863. The vulnerability has a CVSS v3.1 vector of AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N, indicating low attack complexity, no privileges required, and no user interaction, with primary impact to integrity and limited confidentiality impact.
Mallory correlates every CVE against your assets, your vendors, and active adversary campaigns. Know which vulnerabilities matter for you, not just which ones are loud.
What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.
What an attacker gets, and what they’ve been doing with it.
Patch, then assume compromise.
No public exploits tracked yet. Mallory keeps watching.
No public exploit code observed for this vulnerability.
3 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
A security feature bypass vulnerability in .NET.
An incorrect authorization vulnerability in Microsoft .NET that allows an unauthorized attacker to bypass a security feature over a network.
Query your assets running an affected version, and investigate the blast radius.
Every observed campaign linking this CVE to a named adversary.
Malware families riding this exploit, with evidence and IOCs.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Cross-references every affected SKU, including bundled OEM variants.
Community discussion across Reddit, Mastodon, and other social sources.