Lucene search
K

129 matches found

Cvelist
Cvelist
added 5 days ago29 views

CVE-2026-54779 CoreWCF: SAML token replay protection is inoperative

CoreWCF is a port of the service side of Windows Communication Foundation WCF to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF SAML token replay protection is inoperative because DefaultTokenReplayCache.TryAdd does not reject duplicate tokens when DetectReplayedTokens is enabled, allowing a captur...

5.9CVSS0.00268EPSS
Exploits0References6
CVE
CVE
added 5 days ago17 views

CVE-2026-54779

CoreWCF (Windows Communication Foundation port for .NET Core) has a SAML token replay protection flaw prior to versions 1.8.1 and 1.9.1. The issue arises because DefaultTokenReplayCache.TryAdd does not reject duplicate tokens when DetectReplayedTokens is enabled, allowing a captured token to be r...

5.9CVSS5.9AI score0.00268EPSS
Exploits0References6
OSV
OSV
added 2026/06/19 9:16 p.m.6 views

GHSA-C7JM-38GQ-H67H http4k: `ServerFilters.DigestAuth` / `DigestAuthProvider` defaulted to an always-true nonce verifier, disabling replay protection in default deployments

Impact ServerFilters.DigestAuth and the underlying DigestAuthProvider both defaulted their nonceVerifier parameter to true — i.e. every nonce was accepted regardless of value, age, or prior use. Any deployment using the default configuration had no replay protection on Digest authentication; a...

5.8AI score
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/06/19 8:47 p.m.12 views

CoreWCF: SAML token replay protection is inoperative

Impact When enabling DetectReplayedTokens, a token can be replayed and will be detected despite it being reused. Patches Fixed in CoreWCF v1.8.1 and v1.9.1 Workarounds Provide your own implementation of ITokenReplayCache with the correct behavior...

5.9CVSS5.8AI score0.00268EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/19 8:47 p.m.6 views

GHSA-9JR3-RJ99-8JQ3 CoreWCF: SAML token replay protection is inoperative

Impact When enabling DetectReplayedTokens, a token can be replayed and will be detected despite it being reused. Patches Fixed in CoreWCF v1.8.1 and v1.9.1 Workarounds Provide your own implementation of ITokenReplayCache with the correct behavior...

5.9CVSS5.8AI score0.00268EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.6 views

PT-2026-53777

Impact ServerFilters.DigestAuth and the underlying DigestAuthProvider both defaulted their nonceVerifier parameter to true — i.e. every nonce was accepted regardless of value, age, or prior use. Any deployment using the default configuration had no replay protection on Digest authentication; a...

5.7AI score
Exploits0References7
Cvelist
Cvelist
added 2026/06/12 6:3 p.m.40 views

CVE-2026-28742 Naxclow IoT Platform Use of hard-coded cryptographic key

Naxclow devices use a uniform request-signing scheme based on a hard-coded, platform-wide salt embedded in every firmware image. Once this salt is recovered from any device, an attacker can generate valid signatures for arbitrary device or account operations due to the absence of per-device keys,...

9.8CVSS0.0033EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/12 6:3 p.m.12 views

EUVD-2026-36525

Naxclow devices use a uniform request-signing scheme based on a hard-coded, platform-wide salt embedded in every firmware image. Once this salt is recovered from any device, an attacker can generate valid signatures for arbitrary device or account operations due to the absence of per-device keys,...

9.8CVSS5.4AI score0.0033EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.23 views

VMware Spring Web Services 安全漏洞

VMware Spring Web Services is a SOAP Web services development framework provided by the American company VMware. There are security vulnerabilities in versions 5.0.0 to 5.0.1, 4.1.0 to 4.1.3, 4.0.0 to 4.0.18, and 3.1.0 to 3.1.8 of VMware Spring Web Services. These vulnerabilities stem from...

3.7CVSS5.4AI score0.00223EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.13 views

CVE-2026-9095

Casdoor versions 2.362.0 and earlier map SAML assertions to user sessions without replay protection. The ParseSamlResponse function in object/samlsp.go calls sp.RetrieveAssertionInfo and immediately maps the result to a user session. There is no assertion ID cache, OneTimeUse condition enforcemen...

8.1CVSS5.5AI score0.00298EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.16 views

PT-2026-45833

Name of the Vulnerable Software and Affected Versions authentik versions prior to 2025.12.5 authentik versions prior to 2026.2.3 Description The SAML source response processor ResponseProcessor.parse fails to validate the Conditions element on assertions. Specifically, NotBefore, NotOnOrAfter, an...

7.5CVSS5.5AI score0.00169EPSS
Exploits0References3
NVD
NVD
added 2026/05/28 5:16 p.m.23 views

CVE-2026-9095

Casdoor versions 2.362.0 and earlier map SAML assertions to user sessions without replay protection. The ParseSamlResponse function in object/samlsp.go calls sp.RetrieveAssertionInfo and immediately maps the result to a user session. There is no assertion ID cache, OneTimeUse condition enforcemen...

8.1CVSS0.00298EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/28 4:25 p.m.7 views

CVE-2026-9095

Casdoor versions 2.362.0 and earlier map SAML assertions to user sessions without replay protection. The ParseSamlResponse function in object/samlsp.go calls sp.RetrieveAssertionInfo and immediately maps the result to a user session. There is no assertion ID cache, OneTimeUse condition enforcemen...

5.9AI score0.00298EPSS
Exploits0References2
CVE
CVE
added 2026/05/28 4:25 p.m.27 views

CVE-2026-9095

Casdoor CVE-2026-9095 affects versions 2.362.0 and earlier. The ParseSamlResponse() in object/saml_sp.go maps retrieved SAML assertions directly to user sessions without replay protection, lacking an assertion ID cache, OneTimeUse enforcement, or replay detection in the SAML SP code path. This en...

8.1CVSS5.9AI score0.00298EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/28 4:25 p.m.9 views

CVE-2026-9095 CVE-2026-9095

Casdoor versions 2.362.0 and earlier map SAML assertions to user sessions without replay protection. The ParseSamlResponse function in object/samlsp.go calls sp.RetrieveAssertionInfo and immediately maps the result to a user session. There is no assertion ID cache, OneTimeUse condition enforcemen...

5.9AI score0.00298EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/28 4:25 p.m.33 views

CVE-2026-9095 CVE-2026-9095

Casdoor versions 2.362.0 and earlier map SAML assertions to user sessions without replay protection. The ParseSamlResponse function in object/samlsp.go calls sp.RetrieveAssertionInfo and immediately maps the result to a user session. There is no assertion ID cache, OneTimeUse condition enforcemen...

0.00298EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.13 views

Casdoor 安全漏洞

Casdoor is an open-source platform developed by Casdoor that supports various authentication and authorization protocols. Versions of Casdoor prior to 2.362.0 contained security vulnerabilities. These vulnerabilities stemmed from a lack of replay protection when mapping SAML assertions to user...

8.1CVSS6AI score0.00298EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.13 views

PT-2026-44424

Name of the Vulnerable Software and Affected Versions Casdoor versions prior to 2.362.1 Description Casdoor maps SAML assertions to user sessions without replay protection. The ParseSamlResponse function in object/saml sp.go calls sp.RetrieveAssertionInfo and immediately maps the result to a user...

8.1CVSS5.9AI score0.00298EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2026/05/12 12:0 a.m.11 views

Five Attacks on X402 Agentic Payment Protocol

The x402 protocol revives the HTTP 402 Payment Required status code to enable web-native micropayments across APIs, content, and agents. It combines synchronous HTTP authorization with asynchronous blockchain settlement and introduces a cross-layer attack surface absent from conventional web and...

5.9AI score
Exploits0
OSV
OSV
added 2026/05/06 9:31 p.m.5 views

GHSA-CJG8-85GJ-V9Q2 Duplicate Advisory: OpenClaw: Feishu webhook and card-action validation now fail closed

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-xh72-v6v9-mwhc. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.15 contains an authentication bypass vulnerability in Feishu webhook and card-action validatio...

9.8CVSS6AI score0.00718EPSS
Exploits1References4
Rows per page
Query Builder