CVE-2026-54774
Severity CVSS v4.0:
Pending analysis
Type:
CWE-345
Insufficient Verification of Data Authenticity
Publication date:
08/07/2026
Last modified:
08/07/2026
Description
CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, SamlSerializer skips final SignatureValue verification when a CoreWCF service validates SAML tokens using a non-X.509 signing token, allowing an attacker to reference a non-X.509 SecurityToken key identifier and bypass assertion signature verification. This issue is fixed in versions 1.8.1 and 1.9.1.
Impact
Base Score 3.x
7.40
Severity 3.x
HIGH
References to Advisories, Solutions, and Tools
- https://github.com/CoreWCF/CoreWCF/commit/65d09022749854ba943e376aefb958dec05b00d8
- https://github.com/CoreWCF/CoreWCF/commit/b914495ce63c44924664643b60a262e7595081a4
- https://github.com/CoreWCF/CoreWCF/commit/e7454132876ecc7e2cf80e541a44376eeb54979b
- https://github.com/CoreWCF/CoreWCF/releases/tag/v1.8.1
- https://github.com/CoreWCF/CoreWCF/releases/tag/v1.9.1
- https://github.com/CoreWCF/CoreWCF/security/advisories/GHSA-rpj7-hr7h-w6p9



