Home > Vulnerability Database > CVE-2025-7326

Mend.io Vulnerability Database

CVE-2025-7326

Good to know:

Date: July 8, 2025

Weak authentication in EOL ASP.NET Core allows an unauthorized attacker to elevate privileges over a network. NOTE: This CVE affects only End Of Life (EOL) software components. The vendor, Microsoft, has indicated there will be no future updates nor support provided upon inquiry.

Severity Score

7.0

Related Resources (7)

Url: https://www.herodevs.com/vulnerability-directory/cve-2025-24070

Url: https://www.herodevs.com/vulnerability-directory/cve-2025-7326?nes-for-.net

Url: https://www.herodevs.com/vulnerability-directory/cve-2025-7326

Url: https://www.cve.org/CVERecord?id=CVE-2025-24070

Url: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24070

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-7326

Url: https://www.mend.io/vulnerability-database/CVE-2025-7326

Severity Score

7.0

Weakness Type (CWE)

Weak Authentication

CWE-1390

Top Fix

Upgrade Version

Upgrade to version Microsoft.AspNetCore.Identity - 2.3.1;Microsoft.AspNetCore.Identity - 2.3.1

Learn More

CVSS v3.1

Base Score:	7.0
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2025-7326

Good to know:

Date: July 8, 2025

Severity Score

Related Resources (7)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?