Medium severity5.9NVD Advisory· Published Jun 19, 2026· Updated Jun 19, 2026

CoreWCF: SAML token replay protection is inoperative

CVE-2026-54779

Description

Impact

When enabling DetectReplayedTokens, a token can be replayed and will be detected despite it being reused.

Patches

Fixed in CoreWCF v1.8.1 and v1.9.1

Workarounds

Provide your own implementation of ITokenReplayCache with the correct behavior.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

CoreWCF/Corewcfllm-fuzzy
Range: <1.8.1, <1.9.1

Patches

Vulnerability mechanics

No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References

github.com/advisories/GHSA-9jr3-rj99-8jq3ghsaADVISORY
github.com/CoreWCF/CoreWCF/security/advisories/GHSA-9jr3-rj99-8jq3ghsa

News mentions

No linked articles in our index yet.

cvss	0.260
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000