Lucene search
K

163 matches found

NVD
NVD
added 4 days ago7 views

CVE-2026-54779

CoreWCF is a port of the service side of Windows Communication Foundation WCF to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF SAML token replay protection is inoperative because DefaultTokenReplayCache.TryAdd does not reject duplicate tokens when DetectReplayedTokens is enabled, allowing a captur...

5.9CVSS0.00268EPSS
Exploits0References6
CVE
CVE
added 4 days ago17 views

CVE-2026-54779

CoreWCF (Windows Communication Foundation port for .NET Core) has a SAML token replay protection flaw prior to versions 1.8.1 and 1.9.1. The issue arises because DefaultTokenReplayCache.TryAdd does not reject duplicate tokens when DetectReplayedTokens is enabled, allowing a captured token to be r...

5.9CVSS5.9AI score0.00268EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/25 5:36 p.m.4 views

keycloak: Keycloak: Unauthorized account access via replayed refresh tokens after cluster restart

A flaw was found in Keycloak. When revokeRefreshToken=true is enabled and persistent session storage is in use, a server restart can reset internal timing mechanisms. This allows a remote attacker, who has previously captured a user's refresh token, to replay that token even after it has been...

6.8CVSS5.8AI score0.00305EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/24 8:44 p.m.9 views

CVE-2026-41000

A flaw was found in Spring Web Services. The security interceptor in the affected component did not properly integrate replay cache mechanisms. This vulnerability could allow a remote attacker to bypass replay protections for security tokens, such as UsernameToken nonces and SAML one-time-use...

3.7CVSS5.8AI score0.00223EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.7 views

PT-2026-52117

Name of the Vulnerable Software and Affected Versions Rocket.Chat versions prior to 8.5.1 Rocket.Chat versions prior to 8.4.4 Rocket.Chat versions prior to 8.3.6 Rocket.Chat versions prior to 8.2.6 Rocket.Chat versions prior to 8.1.6 Rocket.Chat versions prior to 8.0.7 Rocket.Chat versions prior ...

7.4CVSS5.8AI score0.00243EPSS
Exploits0References7
OSV
OSV
added 2026/06/19 8:47 p.m.6 views

GHSA-9JR3-RJ99-8JQ3 CoreWCF: SAML token replay protection is inoperative

Impact When enabling DetectReplayedTokens, a token can be replayed and will be detected despite it being reused. Patches Fixed in CoreWCF v1.8.1 and v1.9.1 Workarounds Provide your own implementation of ITokenReplayCache with the correct behavior...

5.9CVSS5.8AI score0.00268EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/19 8:47 p.m.6 views

Insufficient Session Expiration

Overview CoreWCF.Primitives is a port of the service side of Windows Communication Foundation WCF to .NET Core. The goal of this project is to enable existing WCF services to move to .NET Core. Affected versions of this package are vulnerable to Insufficient Session Expiration due to the TryAdd...

8.2CVSS5.9AI score0.00268EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.11 views

PT-2026-51076

Name of the Vulnerable Software and Affected Versions CoreWCF versions prior to 1.8.1 CoreWCF versions prior to 1.9.1 Description SAML token replay protection is inoperative because the DefaultTokenReplayCache.TryAdd function does not reject duplicate tokens when DetectReplayedTokens is enabled...

5.9CVSS5.9AI score0.00268EPSS
Exploits0References12
NVD
NVD
added 2026/06/16 7:17 p.m.12 views

CVE-2026-53862

OpenClaw before 2026.5.12 contains a bootstrap token replay vulnerability allowing callers with pending token access to reuse tokens with broader requested scopes. Attackers can replay bootstrap tokens before approval to escalate pairing authority beyond intended scope limits...

5.4CVSS0.00088EPSS
Exploits0References2
CVE
CVE
added 2026/06/16 6:5 p.m.27 views

CVE-2026-53862

OpenClaw prior to 2026.5.12 is affected by a bootstrap token replay vulnerability that allows callers with pending token access to reuse tokens for broader scopes, potentially escalating pairing authority before approval. The issue is described in the CVE as allowing bootstrap tokens to be replay...

5.4CVSS5.3AI score0.00088EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.12 views

PT-2026-49779

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.12 Description A bootstrap token replay issue allows callers with access to a pending bootstrap token to reuse it before approval with a broader requested scope. This can lead to the escalation of pairing...

5.4CVSS5.2AI score0.00088EPSS
Exploits0References5
Snyk
Snyk
added 2026/06/12 11:10 a.m.7 views

Authentication Bypass by Alternate Name

Overview org.apache.cxf:cxf-rt-rs-security-oauth2 is a services framework. Affected versions of this package are vulnerable to Authentication Bypass by Alternate Name via the JwtAccessTokenValidator class. An attacker can gain unauthorized access to protected resources by replaying a JWT access...

9.1CVSS5.3AI score0.00445EPSS
Exploits0References2
NVD
NVD
added 2026/06/12 10:16 a.m.13 views

CVE-2026-50627

The JwtAccessTokenValidator class in Apache CXF fails to validate the 'aud' Audience claims of incoming JWT access tokens. This allows a JWT issued for one Resource Server to be successfully replayed against a completely different Resource Server, leading to Token Confusion/Routing attacks. Users...

9.1CVSS0.00445EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/12 8:59 a.m.9 views

CVE-2026-50631 Apache CXF: OAuth2: TOCTOU Race Condition in Refresh Token Processing

A race condition in AbstractOAuthDataProvider allows concurrent requests using the same Refresh Token to bypass single-use semantics and generate multiple valid Access Tokens, when 'recycleRefreshTokens' is set to false. A leaked refresh token can be replayed concurrently by multiple attackers or...

5.2AI score0.00294EPSS
Exploits0References1
CVE
CVE
added 2026/06/12 8:55 a.m.31 views

CVE-2026-50627

The CVE-2026-50627 issue affects Apache CXF’s JwtAccessTokenValidator, which fails to validate the aud (Audience) claim in incoming JWT access tokens. As described in multiple sources (NVD/Red Hat/CVE List/etc.), a token issued for one Resource Server could be replayed against a different Resourc...

9.1CVSS5.2AI score0.00445EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/06/12 8:55 a.m.9 views

EUVD-2026-36395

The JwtAccessTokenValidator class in Apache CXF fails to validate the 'aud' Audience claims of incoming JWT access tokens. This allows a JWT issued for one Resource Server to be successfully replayed against a completely different Resource Server, leading to Token Confusion/Routing attacks. Users...

5.1AI score0.00445EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/12 8:55 a.m.40 views

CVE-2026-50627 Apache CXF: OAuth2: Missing JWT Audience and Issuer Validation in Access Token Validator

The JwtAccessTokenValidator class in Apache CXF fails to validate the 'aud' Audience claims of incoming JWT access tokens. This allows a JWT issued for one Resource Server to be successfully replayed against a completely different Resource Server, leading to Token Confusion/Routing attacks. Users...

0.00445EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.16 views

PT-2026-48846

Name of the Vulnerable Software and Affected Versions Apache CXF versions prior to 4.2.2 Apache CXF versions prior to 4.1.7 Description The JwtAccessTokenValidator class fails to validate the aud Audience claims of incoming JWT access tokens. This flaw enables a JWT issued for one Resource Server...

9.1CVSS5.2AI score0.00445EPSS
Exploits0References7
NVD
NVD
added 2026/06/11 7:16 p.m.10 views

CVE-2026-47250

mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management. Prior to version 3.7.0, the kubectlgeneric tool in mcp-server-kubernetes passes user-supplied flags directly to kubectl without any allowlist, enabling a privilege escalation attack within Kubernetes...

6.1CVSS0.00267EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/10 5:38 p.m.11 views

keycloak: Keycloak: Unauthorized account access via replayed refresh tokens after cluster restart

A flaw was found in Keycloak. When revokeRefreshToken=true is enabled and persistent session storage is in use, a server restart can reset internal timing mechanisms. This allows a remote attacker, who has previously captured a user's refresh token, to replay that token even after it has been...

6.8CVSS5.4AI score0.00305EPSS
Exploits0References4
Rows per page
Query Builder