Looks like dotnet got hit with a critical vulnerability. That mostly affected the DataProtection package in version 10.0.6 but it’s possible to be vulnerable on older versions as well, depending on the runtime that was used.