Auth bypass in Entrust Corporation Instant Financial Issuance (If)

CVE-2026-23746

Entrust Instant Financial Issuance (IFI) On Premise software (formerly referred to as CardWizard) versions 5.x, prior to 6.10.5, and prior to 6.11.1 contain an insecure .NET Remoting exposure in the SmartCardController service (DCG.SmartCa…

Vulnerability class: Broken Authentication

EPSS: 0.009 (53.9th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References