HIGH 7.5 NuGet
GHSA-2cwq-pwfr-wcw3 · CVE-2026-44375 Nerdbank.MessagePack: Attacker-controlled stackalloc in DateTime decoding causes process-terminating StackOverflowException
Modified: 5/14/2026
package
NuGet / Nerdbank.MessagePack
pkg:nuget/Nerdbank.MessagePack
MEDIUM 5.3 NuGet
GHSA-92vj-hp7m-gwcj Nerdbank.MessagePack has Inefficient CPU Computation
Modified: 5/29/2026
MEDIUM 5.3 NuGet
GHSA-qjvr-435c-5fjh Nerdbank.MessagePack has a memory amplification DoS in collection deserialization
Modified: 5/29/2026