CVE-2026-54782
CoreWCF SAML Validation Flaw Allows Impersonation
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
CoreWCF's SAML token validation has a vulnerability that an unauthenticated attacker could exploit to impersonate users. This occurs when federated bindings are used with certain configurations, allowing for improper validation of the issuer's signature. This could lead to an attacker assuming the identity of any princ