Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-54781
PUBLISHED
More InfoOfficial Page
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
View Known Exploited Vulnerability (KEV) details
Published At-08 Jul, 2026 | 22:19
Updated At-09 Jul, 2026 | 14:40
Rejected At-
▼CVE Numbering Authority (CNA)
CoreWCF: SAML SubjectConfirmation methods and holder-of-key proof keys are not enforced

CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF SAML token validation does not enforce SubjectConfirmation method URIs or holder-of-key proof keys in SamlSecurityTokenHandler, allowing holder-of-key downgrade or custom confirmation method assertions to authenticate a subject without proving authority over the assertion. This issue is fixed in versions 1.8.1 and 1.9.1.

Affected Products
Vendor
CoreWCF
Product
CoreWCF
Versions
Affected
  • >= 1.9.0, < 1.9.1
  • < 1.8.1
Problem Types
TypeCWE IDDescription
CWECWE-287CWE-287: Improper Authentication
CWECWE-345CWE-345: Insufficient Verification of Data Authenticity
Type: CWE
CWE ID: CWE-287
Description: CWE-287: Improper Authentication
Type: CWE
CWE ID: CWE-345
Description: CWE-345: Insufficient Verification of Data Authenticity
Metrics
VersionBase scoreBase severityVector
3.17.4HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Version: 3.1
Base score: 7.4
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/CoreWCF/CoreWCF/security/advisories/GHSA-48pq-2xq3-c2m4
x_refsource_CONFIRM
https://github.com/CoreWCF/CoreWCF/commit/6a99df3242f54acd6f89edfd6050430b72d0c685
x_refsource_MISC
https://github.com/CoreWCF/CoreWCF/commit/86dd3232b6b8aaf32281be9e8d798afad6145d58
x_refsource_MISC
https://github.com/CoreWCF/CoreWCF/commit/9eb9b46d1c2af06fb71f656a02f4d5b4649c1f03
x_refsource_MISC
https://github.com/CoreWCF/CoreWCF/releases/tag/v1.8.1
x_refsource_MISC
https://github.com/CoreWCF/CoreWCF/releases/tag/v1.9.1
x_refsource_MISC
Hyperlink: https://github.com/CoreWCF/CoreWCF/security/advisories/GHSA-48pq-2xq3-c2m4
Resource:
x_refsource_CONFIRM
Hyperlink: https://github.com/CoreWCF/CoreWCF/commit/6a99df3242f54acd6f89edfd6050430b72d0c685
Resource:
x_refsource_MISC
Hyperlink: https://github.com/CoreWCF/CoreWCF/commit/86dd3232b6b8aaf32281be9e8d798afad6145d58
Resource:
x_refsource_MISC
Hyperlink: https://github.com/CoreWCF/CoreWCF/commit/9eb9b46d1c2af06fb71f656a02f4d5b4649c1f03
Resource:
x_refsource_MISC
Hyperlink: https://github.com/CoreWCF/CoreWCF/releases/tag/v1.8.1
Resource:
x_refsource_MISC
Hyperlink: https://github.com/CoreWCF/CoreWCF/releases/tag/v1.9.1
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Details not found