.NET ↗

Microsoft · Web / Runtime

Track your version:Monitors .NET and tailors your dashboard to that exact version.

10.0.9 · latest cycle100/100 Healthy

Summary iPlain-English security verdict for .NET, generated from its current health score, actively-exploited vulnerabilities, and latest supported version.

.NET currently scores 100/100 — healthy. 2 actively-exploited vulnerabilities (CISA KEV) affect older releases (e.g. CVE-2023-44487) — staying on the latest supported version keeps you clear of them. The latest supported release is 10.0.9. It's on the latest patch with no significant known issues — keep it current.

Disclosure trend iNew CVEs published for .NET each year (NVD). A higher bar means more disclosures that year — more scrutiny, not necessarily less safe.

'19

'20

'21

'22

'23

'24

'25

'26

Patch priority — what to act on iThe issues to fix first — actively exploited (CISA KEV) first, then by exploitation probability (EPSS), then severity. Each row's "→ fixed in" is the earliest version that patches it; "see advisory" means no fixed version is published.

Most urgent first — actively exploited, then likeliest to be exploited.

CVE-2023-44487 HIGH exploited Uncontrolled resource consumption EPSS 100% → fixed in 7.0.12 CVE-2023-38180 HIGH exploited Uncontrolled resource consumption EPSS 16% → fixed in 7.0.10 CVE-2023-38171 HIGH CWE-476 EPSS 69% → fixed in 7.0.12 CVE-2021-26701 HIGH EPSS 30% → fixed in 5.0.4 CVE-2024-43498 CRITICAL CWE-843 EPSS 4% → see advisory CVE-2024-0057 CRITICAL Improper input validation EPSS 3% → fixed in 7.0.15

See all 87 known .NET CVEs & security history →

Get alerted about .NET

Be emailed the moment .NET gets a newly exploited vulnerability (CISA KEV) or a release reaches end of life. Free · double opt-in · unsubscribe anytime.

We email only on real events for .NET — no marketing, no sharing, and we never know what you run. Track your whole stack →

Versions & lifecycle iWhen each release line stops receiving security patches (end-of-life). After EOL there are no more fixes — plan upgrades before these dates.

How long each .NET release line is supported — and when it sunsets. Select a line for its full report.

Nov14'28 .NET 10EOL 2028-11-14

Nov10'26 .NET 9EOL 2026-11-10

Nov10'26 .NET 8EOL 2026-11-10

Nov12'24 .NET 6ended 2024-11-12

May14'24 .NET 7ended 2024-05-14

Dec13'22 .NET 3.1ended 2022-12-13

May10'22 .NET 5ended 2022-05-10

Aug21'21 .NET 2.1ended 2021-08-21

Mar3'20 .NET 3.0ended 2020-03-03

Dec23'19 .NET 2.2ended 2019-12-23

Jun27'19 .NET 1.1ended 2019-06-27

Jun27'19 .NET 1.0ended 2019-06-27

Full .NET end-of-life dates & support timeline →

10 latest 10.0.9 Supported until 2028-11-1410.0.9 → 9 latest 9.0.17 Supported until 2026-11-109.0.17 → 8 latest 8.0.28 Supported until 2026-11-108.0.28 → 7 latest 7.0.20 End of life ended 2024-05-147.0.20 → 6 latest 6.0.36 End of life ended 2024-11-126.0.36 → 5 latest 5.0.17 End of life ended 2022-05-105.0.17 → 3.1 latest 3.1.32 End of life ended 2022-12-133.1.32 → 3.0 latest 3.0.3 End of life ended 2020-03-033.0.3 → 2.2 latest 2.2.8 End of life ended 2019-12-232.2.8 → 2.1 latest 2.1.30 End of life ended 2021-08-212.1.30 → See all upcoming end-of-life dates →

Frequently asked

Is .NET safe and patched?

What should I do about .NET now?

Upgrade .NET to the latest supported release (10.0.9) or later, which clears the actively-exploited issues affecting older versions, then confirm against Microsoft's official advisory.

When does .NET reach end-of-life?

The latest supported .NET release is 10.0.9. After end-of-life a release no longer receives security patches.

Which versions of .NET are still receiving security updates?

Supported .NET release lines (latest 10.0.9): 10, 9, 8. End-of-life releases no longer receive security patches.

Informational only, from public data (NVD · CISA KEV · EPSS · endoflife.date), and can lag or miss vendor-specific fixes. Always confirm against Microsoft's official advisory before you patch or upgrade — .NET official site ↗