CVE ID :CVE-2026-46491 Published : June 10, 2026, 12:16 a.m. | 58 minutes ago Description :SimpleSAMLphp-casserver is a CAS 1.0 and 2.0 compliant CAS server in the form of a SimpleSAMLphp module. Prior to version 7.0.3, simplesamlphp-module-casserver builds file paths for the file-based CAS...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-46491 - SimpleSAMLphp casserver FileSystemTicketStore path traversal allows out-of-ticket-directory read/unserialize and conditional deletion

VERWANDTEARTIKEL

CVE-2026-11645

CVE-2026-53673 - BuddyPress 14.4.0 Private Message IDOR via REST API user_id Parameter

CVE-2026-45782 - Cloud Hypervisor: Use-after-free in virtio-block Async I/O Completion

CVE-2026-41729 - Spring Data REST SpEL Injection via Map Key in JSON Patch

CVE-2026-41732 - In Spring for Apache Pulsar, overly broad trusted-package matching in header mapper exposes JDK classes to deserialization

CVE-2026-41717 - Spring Data MongoDB - SpEL Expression Injection via Annotated Query Parameter Binding