ASP.NET Core planning for .NET 11 is now in progress! This roadmap is currently just a placeholder. We'll update the roadmap with specific planned features as planning progresses. This issue ...

On October 14, 2025, Microsoft released a security update addressing CVE-2025-55315, a vulnerability in ASP.NET Core that allows HTTP request smuggling. While request smuggling is a known technique, ...

Earlier this week, Microsoft patched a vulnerability that was flagged with the "highest ever" severity rating received by an ASP.NET Core security flaw. This HTTP request smuggling bug (CVE-2025-55315 ...

CVE-2025-55315 is an HTTP request smuggling bug leading to information leaks, file content tampering, and server crashes. Microsoft’s October Patch Tuesday updates addressed a critical-severity ...

Microsoft warns that attackers are deploying malware in ViewState code injection attacks using static ASP. NET machine keys found online. As Microsoft Threat Intelligence experts recently discovered, ...

Deploy the published app to a folder on the hosting server. Set up a process manager that starts the app when requests arrive and restarts the app after it crashes or the server reboots. For ...

.NET 9 and its ASP.NET Core 9 web-dev framework are coming in November with the latest technology and tools for building modern web apps. And these days, that usually means leveraging the cloud and ...

Learn the best practices and built-in safeguards for preventing attacks and protecting sensitive data in your ASP.NET Core web applications. Today’s web applications are vulnerable to a variety of ...

Take advantage of improved identity management in ASP.NET Core to implement identity-based authentication for minimal APIs quickly, easily, and with less code. Minimal APIs in ASP.NET Core allow us to ...