3 matches found
CVE-2026-54775 CoreWCF: Kafka consume pump halts permanently on a Kafka tombstone (null-value record), causing persistent endpoint denial of service.
CoreWCF is a port of the service side of Windows Communication Foundation WCF to .NET Core. Prior to 1.8.1 and 1.9.1, a CoreWCF service listening on a Kafka topic stops processing new records from that topic when KafkaTransportPump receives a null-value tombstone record, causing a persistent...
CoreWCF: Kafka consume pump halts permanently on a Kafka tombstone (null-value record), causing persistent endpoint denial of service.
Impact A CoreWCF service is running and listening on a Kafka topic receiving a null-value record will stop processing new records from that topic. Preconditions The attacker has produce/write permission on a topic that CoreWCF is consuming from. If the broker permits anonymous publishes, no...
PT-2026-51072
Name of the Vulnerable Software and Affected Versions CoreWCF versions prior to 1.8.1 CoreWCF versions prior to 1.9.1 Description A CoreWCF service listening on a Kafka topic stops processing new records when the KafkaTransportPump receives a null-value tombstone record. A tombstone record is a...