CRITICALData BreachACTIVE
The Hacker News: Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug
April 22, 2026
Incident Summary
Microsoft released a patch for a critical security vulnerability in ASP.NET Core that could allow privilege escalation. The raw signal indicates the flaw affects users of the Nuance DAX AI service. This matters because privilege escalation can allow attackers to gain higher-level access than intended in affected environments. Limited public details are available in the provided text about exploitation, scope of impact, or affected versions, beyond confirmation that a patch was issued.
Incident Details
- Type
- Data Breach
- Severity
- CRITICAL
- Status
- ACTIVE
- Date Occurred
- April 22, 2026
#hackernews#security#breach