SAML Vulnerability in samlify Library by tngan
CVE-2025-47949

9.9 CRITICAL

Key Information:

Vendor: Tngan
Status: Vendor
CVE Published: 19 May 2025

Badges

📰 News Worthy

What is CVE-2025-47949?

A vulnerability has been identified in the samlify library, which is used for SAML single sign-on, that allows a Signature Wrapping attack. It affects versions of samlify prior to 2.10.0. An attacker who holds any signed XML document from the identity provider can craft a forged SAML Response and potentially gain access to the system as any legitimate user. Upgrade to version 2.10.0 or later to mitigate this risk.
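The description above names the mechanism: an unsigned Assertion placed in a response whose signature was actually computed over a different element. The Python below is an added defensive example, not samlify's own code (samlify is a Node.js library; Python's standard-library XML parser is used here only so the check runs stand-alone, and a production service provider would parse untrusted XML with a hardened parser such as defusedxml). It assumes the XML-DSig signature has already been cryptographically verified by a proper library and only answers the question samlify failed to ask: is the Assertion being consumed the element the ds:Reference points at? The sample responses are constructed, and the rule of exactly one Assertion directly under the Response is deliberately stricter than the SAML schema allows.

```python
"""Added example (not samlify's code): bind the consumed SAML Assertion to the
element the signature actually covered. Sample responses below are constructed."""
import xml.etree.ElementTree as ET
from typing import Dict, Optional

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}
RESPONSE = f"{{{NS['samlp']}}}Response"
ASSERTION = f"{{{NS['saml']}}}Assertion"
REFERENCE = f"{{{NS['ds']}}}Reference"
NAME_ID = f"{{{NS['saml']}}}NameID"


def select_signed_assertion(response_xml: str) -> ET.Element:
    """Return the one Assertion that is safe to consume, or raise ValueError.

    Assumes the XML-DSig signature has already been verified elsewhere; this
    function only decides which element that signature covered.
    """
    root = ET.fromstring(response_xml)
    if root.tag != RESPONSE:
        raise ValueError("root element is not samlp:Response")

    # Index every ID-bearing element. A duplicate ID makes ID-based reference
    # resolution ambiguous, which is exactly what a wrapping attempt relies on.
    by_id: Dict[str, ET.Element] = {}
    for el in root.iter():
        el_id = el.get("ID")
        if el_id is None:
            continue
        if el_id in by_id:
            raise ValueError(f"duplicate ID attribute {el_id!r}")
        by_id[el_id] = el

    # Exactly one same-document signature reference: "" means the whole
    # document, "#id" means the element carrying that ID.
    uris = [ref.get("URI", "") for ref in root.iter(REFERENCE)]
    if len(uris) != 1:
        raise ValueError(f"expected exactly one ds:Reference, found {len(uris)}")
    uri = uris[0]
    if uri == "":
        signed = root
    elif uri.startswith("#"):
        signed = by_id.get(uri[1:])
    else:
        signed = None
    if signed is None:
        raise ValueError(f"signature reference {uri!r} does not resolve locally")

    # Exactly one Assertion anywhere in the document, and it must be a direct
    # child of the Response; an assertion tucked into Extensions or nested
    # elsewhere is rejected outright (stricter than the schema, by design).
    assertions = list(root.iter(ASSERTION))
    if len(assertions) != 1 or assertions[0] not in list(root):
        raise ValueError("expected exactly one Assertion directly under Response")
    assertion = assertions[0]

    # Bind consumption to the signed element: the signature must cover either
    # this very Assertion or the whole Response that contains it.
    if signed is not assertion and signed is not root:
        raise ValueError("signature does not cover the Assertion being consumed")
    return assertion


def accepted_name_id(response_xml: str) -> Optional[str]:
    """The authenticated NameID, or None when the response is rejected."""
    try:
        assertion = select_signed_assertion(response_xml)
    except (ValueError, ET.ParseError):
        return None
    name_id = assertion.find(f".//{NAME_ID}")
    return name_id.text if name_id is not None else None


# Constructed sample inputs (namespace declarations and a minimal signature).
_XMLNS = ('xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
          'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" '
          'xmlns:ds="http://www.w3.org/2000/09/xmldsig#"')
_SIGNED_ASSERTION = (
    '<saml:Assertion ID="_a1">'
    '<ds:Signature><ds:SignedInfo><ds:Reference URI="#_a1"/></ds:SignedInfo></ds:Signature>'
    '<saml:Subject><saml:NameID>alice</saml:NameID></saml:Subject>'
    '</saml:Assertion>'
)
# What the identity provider actually issued.
LEGIT = f'<samlp:Response {_XMLNS} ID="_r1">{_SIGNED_ASSERTION}</samlp:Response>'
# The wrapped shape the advisory describes: the signed assertion is kept (so the
# signature still verifies over it) but moved aside, and an unsigned assertion
# sits where a consumer that takes "the first Assertion" would look.
WRAPPED = (
    f'<samlp:Response {_XMLNS} ID="_r1">'
    f'<samlp:Extensions>{_SIGNED_ASSERTION}</samlp:Extensions>'
    '<saml:Assertion ID="_a2"><saml:Subject><saml:NameID>admin</saml:NameID>'
    '</saml:Subject></saml:Assertion>'
    '</samlp:Response>'
)
# Variant that reuses the signed ID to confuse ID-based lookup.
DUPLICATE_ID = WRAPPED.replace('ID="_a2"', 'ID="_a1"')

if __name__ == "__main__":
    for label, doc in (("legit", LEGIT), ("wrapped", WRAPPED), ("duplicate", DUPLICATE_ID)):
        print(label, "->", accepted_name_id(doc))
```

The three checks work together: resolving the ds:Reference to a concrete element and consuming only that element is the one most service providers omit, while the duplicate-ID and single-Assertion rules close the two ways an attacker would otherwise make that resolution point at the wrong node.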

Affected Version(s)

samlify < 2.10.0

News Articles

Critical Samlify SSO flaw lets attackers log in as admin

A critical Samlify authentication bypass vulnerability has been discovered that allows attackers to impersonate admin users by injecting unsigned malicious assertions into legitimately signed SAML responses.


CVSS V4

Score: 9.9
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: None
Attack Vector: Network
Attack Complexity: Low
Attack Requirements: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • 📰 First article discovered by BleepingComputer

  • Vulnerability published

  • Vulnerability Reserved
