May 2026 Servicing Updates: Enhanced Security and Stability for .NET and .NET Framework
Overview
Welcome to our combined servicing update announcement for May 2026. This month, we are pleased to deliver the latest security and non-security improvements for both .NET and .NET Framework. As always, these updates are designed to keep your applications secure, performant, and reliable. The releases are available as of May 12, 2026, and we encourage all users to apply them promptly.
Security Improvements
The May 2026 servicing update addresses several critical vulnerabilities. Below is a summary of the CVEs resolved in this release. These fixes apply to multiple versions of .NET and .NET Framework, as detailed in the table.
- CVE-2026-32177 – .NET Elevation of Privilege Vulnerability (Affects: .NET 10.0, .NET 9.0, .NET 8.0, .NET Framework 3.5, 4.6.2, 4.7, 4.7.2, 4.8, 4.8.1)
- CVE-2026-35433 – .NET Elevation of Privilege Vulnerability (Affects: .NET 10.0, .NET 9.0, .NET 8.0)
- CVE-2026-32175 – .NET Tampering Vulnerability (Affects: .NET 10.0, .NET 9.0, .NET 8.0)
- CVE-2026-42899 – .NET Denial of Service Vulnerability (Affects: .NET 10.0, .NET 9.0, .NET 8.0)
These security fixes are part of our ongoing commitment to protecting the .NET ecosystem. For full details on each vulnerability, please refer to the official CVE entries.
Release Versions
The May 2026 update includes new builds for .NET 10.0, .NET 9.0, and .NET 8.0. The specific version numbers are:
- .NET 10.0.8
- .NET 9.0.16
- .NET 8.0.27
Each release includes both security and non-security fixes. We recommend updating to the latest version for your target framework. Detailed release notes are available for each version:
Installers and Binaries
You can download the installers and binaries directly from the .NET download page. Links for each version are provided below:
- .NET 10.0.8 Installers and Binaries
- .NET 9.0.16 Installers and Binaries
- .NET 8.0.27 Installers and Binaries
Container Images
Updated container images are available on Microsoft Artifact Registry (previously MCR). You can pull the images for each supported .NET version:
Linux Packages
For Linux users, package feeds have been updated. You can install the latest versions using your distribution’s package manager. Refer to the following version-specific feeds:
Known Issues
Before upgrading, please review the known issues for your target version. These are documented for each release:
Release Changelogs
Detailed changelogs are available for each component. Here are the key changelogs for the May 2026 update:
- ASP.NET Core: 10.0.8
- Entity Framework Core: 10.0.8
- Runtime: 10.0.8 | 9.0.16 | 8.0.27
We welcome your feedback on this release through the Release feedback issue.
.NET Framework May 2026 Updates
This month’s .NET Framework servicing update includes both security and non-security fixes. The updates apply to .NET Framework versions 3.5, 4.6.2, 4.7, 4.7.2, 4.8, and 4.8.1. For a complete list of changes, please visit the .NET Framework release notes.
Conclusion
We hope these May 2026 servicing releases help improve the security and stability of your .NET and .NET Framework applications. As always, we recommend updating to the latest versions at your earliest convenience. Stay tuned for next month’s updates, and thank you for being part of the .NET community.
Related Articles
- NSA's Inglis Reflects on Snowden Leaks: Lessons for Security Leaders a Decade Later
- Fedora Hummingbird Launches: A Security-First, Rolling Linux OS Built as a Container Image
- Edge Decay Crisis: Attackers Exploit Broken Perimeter Security at Machine Speed
- Supply Chain Breach Compromises CPU-Z Downloads: SentinelOne AI Blocks Attack in Real Time
- Breaking: Hackers Weaponize Trusted IT Tools — Your Own Utilities Now Pose Top Security Threat
- Unit 42 Warns: Endpoint-Only Detection Leaves Enterprises Vulnerable – New Data Sources Critical
- PamDOORa: The New Linux Backdoor Hijacking SSH via PAM Modules
- Free Password Managers: Your Guide to No-Cost Online Security