CVE-2026-40306:
C# vulnerability analysis and mitigation

All new installations DNN 10.x.x - 10.2.1 installs, have the same Host GUID. This does not affect upgrades from 9.x.x.

Source: NVD

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
GHSA-ffq7-898w-9jc4	HIGH	8	C#	DotNetNuke.Core	No	Yes	Apr 10, 2026
GHSA-mvm6-f9r3-fgfx	HIGH	7.7	C#	AWSSDK.CloudFront	No	Yes	Mar 27, 2026
CVE-2026-39959	HIGH	7.1	C#	Tmds.DBus	No	Yes	Apr 09, 2026
CVE-2026-40305	MEDIUM	4.3	C#	DotNetNuke.Core	No	Yes	Apr 10, 2026
CVE-2026-40306	LOW	N/A	C#	DotNetNuke.Core	No	Yes	Apr 10, 2026

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

A community-led vulnerabilities database

A threat intelligence database

A tenant isolation framework

Get a personalized demo

"Best User Experience I have ever seen, provides full visibility to cloud workloads."

David EstlickCISO

"Wiz provides a single pane of glass to see what is going on in our cloud environments."

Adam FletcherChief Security Officer

"We know that if Wiz identifies something as critical, it actually is."

Greg PoniatowskiHead of Threat and Vulnerability Management