Microsoft issues emergency update for macOS and Linux ASP.NET threat

Microsoft released an emergency patch for its ASP.NET Core to fix a high-severity vulnerability that allows unauthenticated ...
The Hacker News

Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug

"A regression in the Microsoft.AspNetCore.DataProtection 10.0.0-10.0.6 NuGet packages cause the managed authenticated ...
theregister

Microsoft calls time on ASP.NET Core 2.3 on .NET Framework

Microsoft has set an end-of-support date of April 7, 2027, for ASP.NET Core 2.3, the only supported version on .NET Framework, even though .NET Framework (and the original ASP.NET) will continue to be ...
InfoQ

Microsoft Ships OData .NET (ODL) 9.0.0 Preview 3: Safety, Modern APIs, and Spec Compliance

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Visual Studio Magazine

Microsoft Pushes OData Forward with New Previews

Microsoft is continuing to modernize its Open Data Protocol (OData) stack, with new preview releases for both ASP.NET Core OData and the OData Model Builder, plus fresh research that proposes an ...
Bleeping Computer

Microsoft fixes highest-severity ASP.NET Core flaw ever

Earlier this week, Microsoft patched a vulnerability that was flagged with the "highest ever" severity rating received by an ASP.NET Core security flaw. This HTTP request smuggling bug (CVE-2025-55315 ...
CSOonline

Critical ASP.NET core vulnerability earns Microsoft’s highest-ever severity score

The Kestrel web server flaw allows request smuggling attacks, but the actual risk depends on the application code and deployment. Microsoft has patched a critical vulnerability in ASP.NET Core that ...
SecurityWeek

‘Highest Ever’ Severity Score Assigned by Microsoft to ASP.NET Core Vulnerability

CVE-2025-55315 is an HTTP request smuggling bug leading to information leaks, file content tampering, and server crashes. Microsoft’s October Patch Tuesday updates addressed a critical-severity ...
GitHub

CustomUriFunctions do not support nullable parameters

Which assemblies and versions are known to be affected e.g. ASP.NET Core OData 8.2.4 (but I feel it affects all the versions) When adding a custom function for a nullable type when binding that ...
InfoWorld

How to use CORS in ASP.NET Core minimal APIs

How to configure the CORS middleware for minimal APIs and enable secure cross-origin resource sharing in your ASP.NET Core applications. ASP.NET Core offers a simplified hosting model, called minimal ...
InfoWorld

How to implement caching in ASP.NET Core minimal APIs

Learn how to use in-memory caching, distributed caching, hybrid caching, response caching, or output caching in ASP.NET Core to boost the performance and scalability of your minimal API applications.