Lucene search
K

11 matches found

NVD
NVD
added 5 days ago6 views

CVE-2026-54784

CoreWCF is a port of the service side of Windows Communication Foundation WCF to .NET Core. In version 1.9.0, CoreWCF SPNEGO SecurityContextToken negotiation can expose the proof key recovered from the RSTR when TransportWithMessageCredential with Windows client credentials and session...

7.4CVSS0.00175EPSS
Exploits0References4
NVD
NVD
added 5 days ago5 views

CVE-2026-54776

CoreWCF is a port of the service side of Windows Communication Foundation WCF to .NET Core. Prior to 1.8.1 and 1.9.1, a CoreWCF service hosted on Unix Domain Sockets with PosixIdentity client credentials can accept connections that skip the application/unixposix stream upgrade before dispatching...

4.4CVSS0.00109EPSS
Exploits0References6
CVE
CVE
added 5 days ago24 views

CVE-2026-54784

CoreWCF CVE-2026-54784 affects CoreWCF 1.9.0 where SPNEGO SecurityContextToken proof key recovered from the RSTR can be observed when using TransportWithMessageCredential with Windows client credentials, enabling impersonation of the Windows principal and decryption/forgery of WS‑SecureConversati...

7.4CVSS6AI score0.00175EPSS
Exploits0References4
NVD
NVD
added 5 days ago5 views

CVE-2026-54777

CoreWCF is a port of the service side of Windows Communication Foundation WCF to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF NetNamedPipe transport accepts attachment to a pre-existing named pipe instance, allowing local interception of NetNamedPipe traffic when an attacker races NamedPipeListen...

6.5CVSS0.00088EPSS
Exploits0References5
CVE
CVE
added 5 days ago16 views

CVE-2026-54775

Summary: CVE-2026-54775 affects CoreWCF.Kafka’s KafkaTransportPump. Before versions 1.8.1 and 1.9.1, a null-value tombstone (Kafka tombstone) on a topic causes the pump to halt, stopping processing of new records and potentially causing persistent endpoint denial of service for topics with produc...

6.5CVSS6AI score0.00336EPSS
Exploits0References6
CVE
CVE
added 5 days ago18 views

CVE-2026-54773

CoreWCF WS-Security signature substitution vulnerability: prior to versions 1.8.1 and 1.9.1, WS-Security verification performs a document-wide ds:Signature lookup, allowing an unauthenticated remote attacker to place a SOAP header before wsse:Security and cause attacker-supplied ds:Signature to b...

5.9CVSS6AI score0.00238EPSS
Exploits0References6
CVE
CVE
added 5 days ago13 views

CVE-2026-54772

CoreWCF (net.tcp/net.pipe/net.uds) prior to versions 1.8.1 and 1.9.1 is affected. An unauthenticated remote attacker can trigger premature EOF handling in the framing handshake, causing one server thread-pool worker to be pinned at 100% CPU per connection and potentially exhausting CPU with multi...

7.5CVSS6AI score0.00476EPSS
Exploits0References6
Cvelist
Cvelist
added 5 days ago31 views

CVE-2026-54776 CoreWCF: Unix Domain Socket PosixIdentity transport accepts connections that skip the security upgrade

CoreWCF is a port of the service side of Windows Communication Foundation WCF to .NET Core. Prior to 1.8.1 and 1.9.1, a CoreWCF service hosted on Unix Domain Sockets with PosixIdentity client credentials can accept connections that skip the application/unixposix stream upgrade before dispatching...

4.4CVSS0.00109EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/06/19 8:46 p.m.4 views

CoreWCF: SamlSerializer skips SignatureValue verification when SAML signing token is not an X.509 certificate

Impact When a service is configured to validate SAML tokens using a method other than X.509 certificate signing, the final signature verification is skipped. Preconditions The service is configured to authenticate using SAML tokens and an out of band token resolver commonly the IssuerTokenResolve...

7.4CVSS5.8AI score0.0015EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/19 8:46 p.m.12 views

GHSA-P86G-XRR2-PF7C CoreWCF: Pre-authentication infinite-loop CPU exhaustion in CoreWCF net.tcp / net.pipe / net.uds framing handshake

Impact An unauthenticated remote attacker can pin one server thread‑pool worker at 100 % CPU per connection. With a few connections, the CPU usage can be exhausted. Preconditions An attacker being able to reach a service which is exposing an endpoint using one of NetTcpBinding, NetNamedPipeBindin...

7.5CVSS5.9AI score0.00476EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.11 views

PT-2026-51076

Name of the Vulnerable Software and Affected Versions CoreWCF versions prior to 1.8.1 CoreWCF versions prior to 1.9.1 Description SAML token replay protection is inoperative because the DefaultTokenReplayCache.TryAdd function does not reject duplicate tokens when DetectReplayedTokens is enabled...

5.9CVSS5.9AI score0.00268EPSS
Exploits0References12
Rows per page
Query Builder