# .NET 10 CVEs

The .NET Team releases [monthly updates for .NET 10](https://github.com/dotnet/announcements/labels/.NET%2010.0) on [Patch Tuesday](https://en.wikipedia.org/wiki/Patch_Tuesday). These updates often include security fixes. If you are on an older version, your app may be vulnerable.

Your app needs to be on the latest .NET 10 patch version to be secure. The longer you wait to upgrade, the greater the exposure to CVEs.

## Which CVEs apply to my app?

Your app may be vulnerable to the following published security [CVEs](https://www.cve.org/) if you are using an older version.

- 10.0.1 (December 2025)
  - No new CVEs
- 10.0.0 (November 2025)
  - No new CVEs

The CVE exposure is cumulative. For example, `10.0.0` users may be vulnerable to the CVEs present in `10.0.0` and newer releases. Similarly, `10.0.3` users may be vulnerable to the CVEs present in `10.0.4` and newer releases. The latest release is not vulnerable to any published CVEs.