2 matches found
CVE-2026-54777
CoreWCF.NetNamedPipe transport is vulnerable to a local TOCTOU race where an attacker can race a NamedPipeListener between the shared-memory GUID publication and the creation of the service pipe, enabling interception of NetNamedPipe traffic by attaching to a pre-existing named pipe instance. Aff...
PT-2026-51074
Name of the Vulnerable Software and Affected Versions CoreWCF versions prior to 1.8.1 CoreWCF versions prior to 1.9.1 Description The NetNamedPipe transport in CoreWCF allows local interception of traffic. This occurs because the transport accepts attachments to pre-existing named pipe instances...