This page collects WhisperX intelligence signals tagged #dotnet. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
A critical security vulnerability has been patched in FertileNotify's authentication system, where the One-Time Password (OTP) generation mechanism relied on the predictable `System.Random` class. This insecure method, which is not cryptographically secure, could have allowed an attacker to guess or predict OTPs if the...
A critical security alert has been raised for the Microsoft.Data.Sqlite.Core 2.2.1 NuGet package, exposing two vulnerabilities with a maximum severity score of 7.5 on the CVSS scale. The flaws are not only present but are confirmed as 'reachable' within dependent applications, indicating a direct and exploitable attack...
A critical Cross-Site Request Forgery (CSRF) vulnerability has been identified in the GodObjectProfile component of a .NET 8 MVC application, allowing unauthorized state-mutating operations through standard GET requests. The flaw, reported through the project's issue tracker, exposes authenticated users to forced profi...
A development fork of the popular eShopOnContainers e-commerce reference architecture has been flagged for including a known-severity vulnerability in its test suite dependencies. WhiteSource security scanning detected the presence of Newtonsoft.Json version 12.0.2鈥攁 package with a documented CVSS score of 7.5鈥攑ackaged...
A security scan of the deltaHotelNine-Security-Demos/_demo_eShop_SCA repository has identified seven vulnerabilities linked to the microsoft.entityframeworkcore.sqlserver.7.0.5.nupkg package, with the highest reaching a CVSS score of 8.8. The findings, detected in commit a8031bc149a00a5a9a8174a98c957d42a9fc018a, point ...