CyberRota
← Ana sayfaya dön

CVE-2026-46490

HIGH · CVSS 8.8 EPSS %0.38 Public Exploit

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-08T19:16:45.950 · Çekilme zamanı: 2026-06-30T18:14:27.090834+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

Public Exploit Sinyali

Bu CVE için açıklama veya referanslarda public exploit / PoC / GitHub / Metasploit sinyali tespit edildi.

GitHub PoC Linkleri
github.com

Not: Bu bağlantılar yalnızca güvenlik araştırması ve doğrulama amacıyla listelenmiştir.

CVE
CVE-2026-46490
Severity
HIGH
CVSS
8.8
EPSS
%0.38

Orijinal NVD Açıklaması

samlify is a Node.js library for SAML single sign-on. Prior to version 2.13.0, samlify’s template substitution only escapes attribute contexts. Values inserted into element text (e.g., <saml:AttributeValue>) are not escaped. A normal user can inject XML markup into an attribute value (e.g., email, name) and add new <saml:Attribute> elements inside the signed assertion. The IdP then signs the tampered assertion and the SP accepts the injected attributes as trusted. This allows privilege escalation when attributes are used for authorization (roles/groups). This issue has been patched in version 2.13.0.