High CVE-2026-46490 samlify is a Node.js library for SAML single sign-on. Prior to version 2.13.0, samlify’s template substitution only escapes attribute contexts. Values inserted into element text (e.g., ) are not escaped. A normal user can inject XML markup into an attribute value (e.g., email,...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

[High] CVE-2026-46490 – samlify is a Node.js library for SAML single sign-on. Prior to version 2.13.0, s...

VERWANDTEARTIKEL

One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public

CVE-2026-40466

CVE-2022-41678

CVE-2016-3088

CVE-2015-5254

CVE-2026-46484 - Headplane: Path Traversal + RBAC Bypass in renameNode allows authenticated OIDC users to expire or rename any node/user