CVE ID :CVE-2026-46490 Published : June 8, 2026, 7:16 p.m. | 1 hour, 58 minutes ago Description :samlify is a Node.js library for SAML single sign-on. Prior to version 2.13.0, samlify’s template substitution only escapes attribute contexts. Values inserted into element text (e.g., ) are not...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-46490 - samlify: XML Injection in AttributeValue Allows Privilege Escalation in Signed SAML Assertions

VERWANDTEARTIKEL

One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public

CVE-2026-40466

CVE-2022-41678

CVE-2016-3088

CVE-2015-5254

CVE-2026-46484 - Headplane: Path Traversal + RBAC Bypass in renameNode allows authenticated OIDC users to expire or rename any node/user