Lucene search
K

4 matches found

NVD
NVD
added 6 days ago6 views

CVE-2026-54772

CoreWCF is a port of the service side of Windows Communication Foundation WCF to .NET Core. Prior to 1.8.1 and 1.9.1, an unauthenticated remote attacker that can reach a NetTcpBinding, NetNamedPipeBinding, or UnixDomainSocketBinding endpoint can trigger premature EOF handling in the CoreWCF...

7.5CVSS0.00476EPSS
Exploits0References6
CVE
CVE
added 6 days ago14 views

CVE-2026-54772

CoreWCF (net.tcp/net.pipe/net.uds) prior to versions 1.8.1 and 1.9.1 is affected. An unauthenticated remote attacker can trigger premature EOF handling in the framing handshake, causing one server thread-pool worker to be pinned at 100% CPU per connection and potentially exhausting CPU with multi...

7.5CVSS6AI score0.00476EPSS
Exploits0References6
Snyk
Snyk
added 2026/06/19 8:46 p.m.5 views

Infinite loop

Overview Affected versions of this package are vulnerable to Infinite loop through the preamble decode loop in DuplexFramingMiddleware and SingletonFramingMiddleware, with the same end-of-stream handling issue in RawStream.ReadAsyncInternal. An attacker can keep a server connection open...

8.7CVSS5.8AI score0.00476EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/15 12:0 a.m.11 views

PT-2024-22368 · Corewcf · Corewcf

Name of the Vulnerable Software and Affected Versions: CoreWCF versions prior to 1.4.2 CoreWCF versions prior to 1.5.2 Description: The issue affects NetFraming based CoreWCF services, where extra system resources could be consumed by connections being left established instead of closing or...

7.5CVSS7.1AI score0.00579EPSS
Exploits0References9
Rows per page
Query Builder