By vendor
Samlify_project vulnerabilities
Known CVEs affecting Samlify_project products, prioritized by severity, with SEC.co remediation and detection guidance.
1 published vulnerability
- CVE-2026-46490HIGH 8.8
A flaw in samlify, a Node.js SAML authentication library, allows attackers to inject malicious XML into SAML assertions. When user attributes (like email or display name) are processed during single sign-on, an attacker can add fake authorization attributes that get signed by the identity provider and trusted by the service provider. This can lead to privilege escalation if the application relies on SAML attributes for access control decisions.