SAML Vulnerability in Logto Affecting Open-Source Authentication Infrastructure
CVE-2026-55789

8.5HIGH

Key Information:

Vendor

Logto-io

Status
Vendor
CVE Published:
10 July 2026

What is CVE-2026-55789?

Logto, the modern open-source authentication infrastructure for SaaS and AI applications, experienced a significant vulnerability prior to version 1.41.0. This issue arose within its self-hosted SAML application identity provider (IdP), where user-controlled profile attributes were improperly integrated into a SAML XML template. Specifically, attributes like name and email could be exploited by an authenticated low-privilege user to inject arbitrary XML markup. This manipulation could lead to the signing of forged SAML attributes, potentially allowing unauthorized privilege escalation at relying service providers that utilize SAML attributes for authorization. The vulnerability has been addressed in Logto version 1.41.0.

Affected Version(s)

logto < 1.41.0

References

CVSS V3.1

Score:
8.5
Severity:
HIGH
Confidentiality:
Low
Integrity:
High
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.