Back to overview

CVE-2026-54784

HIGH
7.4
CVSS 3.1
Description
CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. In version 1.9.0, CoreWCF SPNEGO SecurityContextToken negotiation can expose the proof key recovered from the RSTR when TransportWithMessageCredential with Windows client credentials and session establishment are used, allowing an observer to impersonate the authenticated Windows principal and decrypt or forge WS-SecureConversation traffic. This issue is fixed in version 1.9.1.

Metadata

CVE ID
CVE-2026-54784
State
PUBLISHED
Assigner
GitHub_M
Reserved
2026-06-15 23:23 UTC
Published
2026-07-08 22:18 UTC
Last updated
2026-07-08 22:18 UTC
Primary CWE
CWE-311
CWE-311: Missing Encryption of Sensitive Data
Vendor / Product
CoreWCF / CoreWCF
Sources
cve.org  ·  NVD

Severity & Metrics

7.4 HIGH CVSS 3.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Affected products (1)
VendorProductPlatformVersions
CoreWCF CoreWCF >= 1.9.0, < 1.9.1
Weakness (CWE)
CWESourceDescription
CWE-311 cna CWE-311: Missing Encryption of Sensitive Data
CWE-523 cna CWE-523: Unprotected Transport of Credentials
CVSS scores (1)
ScoreSeverityVersionSourceVector
7.4 HIGH 3.1 cna CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
References (4)
Back to overview