May 2026 Servicing Updates: Enhanced Security and Stability for .NET and .NET Framework

Overview

Welcome to our combined servicing update announcement for May 2026. This month, we are pleased to deliver the latest security and non-security improvements for both .NET and .NET Framework. As always, these updates are designed to keep your applications secure, performant, and reliable. The releases are available as of May 12, 2026, and we encourage all users to apply them promptly.

Security Improvements

The May 2026 servicing update addresses several critical vulnerabilities. Below is a summary of the CVEs resolved in this release. These fixes apply to multiple versions of .NET and .NET Framework, as detailed in the table.

• CVE-2026-32177 – .NET Elevation of Privilege Vulnerability (Affects: .NET 10.0, .NET 9.0, .NET 8.0, .NET Framework 3.5, 4.6.2, 4.7, 4.7.2, 4.8, 4.8.1)
• CVE-2026-35433 – .NET Elevation of Privilege Vulnerability (Affects: .NET 10.0, .NET 9.0, .NET 8.0)
• CVE-2026-32175 – .NET Tampering Vulnerability (Affects: .NET 10.0, .NET 9.0, .NET 8.0)
• CVE-2026-42899 – .NET Denial of Service Vulnerability (Affects: .NET 10.0, .NET 9.0, .NET 8.0)

These security fixes are part of our ongoing commitment to protecting the .NET ecosystem. For full details on each vulnerability, please refer to the official CVE entries.

Release Versions

The May 2026 update includes new builds for .NET 10.0, .NET 9.0, and .NET 8.0. The specific version numbers are:

• .NET 10.0.8
• .NET 9.0.16
• .NET 8.0.27

Each release includes both security and non-security fixes. We recommend updating to the latest version for your target framework. Detailed release notes are available for each version:

• .NET 10.0.8 Release Notes
• .NET 9.0.16 Release Notes
• .NET 8.0.27 Release Notes

Installers and Binaries

You can download the installers and binaries directly from the .NET download page. Links for each version are provided below:

• .NET 10.0.8 Installers and Binaries
• .NET 9.0.16 Installers and Binaries
• .NET 8.0.27 Installers and Binaries

Container Images

Updated container images are available on Microsoft Artifact Registry (previously MCR). You can pull the images for each supported .NET version:

• .NET 10.0.8 Container Images
• .NET 9.0.16 Container Images
• .NET 8.0.27 Container Images

Linux Packages

For Linux users, package feeds have been updated. You can install the latest versions using your distribution’s package manager. Refer to the following version-specific feeds:

• .NET 10.0 Linux Packages
• .NET 9.0 Linux Packages
• .NET 8.0 Linux Packages

Known Issues

Before upgrading, please review the known issues for your target version. These are documented for each release:

• .NET 10.0 Known Issues
• .NET 9.0 Known Issues
• .NET 8.0 Known Issues

Release Changelogs

Detailed changelogs are available for each component. Here are the key changelogs for the May 2026 update:

• ASP.NET Core: 10.0.8
• Entity Framework Core: 10.0.8
• Runtime: 10.0.8 | 9.0.16 | 8.0.27

We welcome your feedback on this release through the Release feedback issue.

.NET Framework May 2026 Updates

This month’s .NET Framework servicing update includes both security and non-security fixes. The updates apply to .NET Framework versions 3.5, 4.6.2, 4.7, 4.7.2, 4.8, and 4.8.1. For a complete list of changes, please visit the .NET Framework release notes.

Conclusion

We hope these May 2026 servicing releases help improve the security and stability of your .NET and .NET Framework applications. As always, we recommend updating to the latest versions at your earliest convenience. Stay tuned for next month’s updates, and thank you for being part of the .NET community.