Microsoft have published security advisory CVE-2025-55315, a Request Smuggling "exploit" in .NET, with the highest CVSS score ever issued for a .NET security flaw. You should obviously patch straight away, but just how dangerous is it? 0:00 Intro and comparison to log4j / Log4Shell 1:10 Conversations happening all over the land this week 2:49 asking Barry Dorrans, Head of .NET Security, some questions 4:14 Is Azure App Service patched? 6:35 Taking a look at the HeroDevs reproduction example of the exploit 9:00 What is actually going on with Request Smuggling? 11:52 An ask for the Head of .NET Security and outtro More info here: #dotnet #csharp #coding