Home

Description

CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF NetNamedPipe transport accepts attachment to a pre-existing named pipe instance, allowing local interception of NetNamedPipe traffic when an attacker races NamedPipeListener startup between shared memory GUID publication and service named pipe creation. This issue is fixed in versions 1.8.1 and 1.9.1.

PUBLISHED Reserved 2026-06-15 | Published 2026-07-08 | Updated 2026-07-10 | Assigner GitHub_M




MEDIUM: 6.5CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L

Problem types

CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition

CWE-665: Improper Initialization

Product status

>= 1.9.0, < 1.9.1
affected

< 1.8.1
affected

References

github.com/...oreWCF/security/advisories/GHSA-6jj2-4q5c-x8g6

github.com/...ommit/8ed9c780c7c6fb22fa215c5771dee0c1e49596b7

github.com/...ommit/e7d225394fd429900dcbc445dcdd53b94e964077

github.com/CoreWCF/CoreWCF/releases/tag/v1.8.1

github.com/CoreWCF/CoreWCF/releases/tag/v1.9.1

cve.org (CVE-2026-54777)

nvd.nist.gov (CVE-2026-54777)

Download JSON