corewcf
OSS Librariesoss-project
Top products
Latest CVEs
The 14 most recently published vulnerabilities affecting corewcf.
- CVE-2026-54782CoreWCF: Authentication bypass in CoreWCF SAML 1.1 / 2.0 token signature validation10.0
- CVE-2026-54781CoreWCF: SAML SubjectConfirmation methods and holder-of-key proof keys are not enforced7.4
- CVE-2026-54784CoreWCF: SPNEGO SecurityContextToken proof key wrapped without confidentiality7.4
- CVE-2026-54774CoreWCF: SamlSerializer skips SignatureValue verification when SAML signing token is not an X.509 certificate7.4
- CVE-2026-54783CoreWCF: XML Signature Wrapping in WS-Security endorsing/supporting signature verification allows replay of captured signed messages7.4
- CVE-2026-54780CoreWCF: WS-Security Reference DigestMethod Algorithm-Suite Bypass3.7
- CVE-2026-54775CoreWCF: Kafka consume pump halts permanently on a Kafka tombstone (null-value record), causing persistent endpoint denial of service.6.5
- CVE-2026-54778CoreWCF: UnixDomainSocket Non-Reentrant POSIX Identity Resolution6.2
- CVE-2026-54773CoreWCF: WS-Security signature substitution via document-wide Signature lookup5.9
- CVE-2026-54779CoreWCF: SAML token replay protection is inoperative5.9
- CVE-2026-54772CoreWCF: Pre-authentication infinite-loop CPU exhaustion in CoreWCF net.tcp / net.pipe / net.uds framing handshake7.5
- CVE-2026-54776CoreWCF: Unix Domain Socket PosixIdentity transport accepts connections that skip the security upgrade4.4
- CVE-2026-54777CoreWCF NetNamedPipe transport accepts attach to a pre-existing named pipe instance6.5
- CVE-2024-28252CoreWCF NetFraming based services can leave connections open when they should be closed7.5