
246 matches found

NVD
added 2 days ago, 7 views

CVE-2026-47201

authentik is an open-source identity provider. Prior to versions 2025.12.5, 2026.2.3, and 2026.5.1, authentik's SAML Source ACS endpoint is vulnerable to XML Signature Wrapping when validating upstream SAML responses. An attacker with any account at the upstream IdP can reuse a valid signed...

CVSS 8.5, EPSS 0.00063
Exploits 0, References 1
ATTACKERKB
added 2 days ago, 3 views

CVE-2026-47201

authentik is an open-source identity provider. Prior to versions 2025.12.5, 2026.2.3, and 2026.5.1, authentik's SAML Source ACS endpoint is vulnerable to XML Signature Wrapping when validating upstream SAML responses. An attacker with any account at the upstream IdP can reuse a valid signed...

CVSS 8.5, AI score 5.8, EPSS 0.00063
Exploits 0, References 2, Affected Software 1
EUVD
added 2 days ago, 5 views

EUVD-2026-34027

authentik is an open-source identity provider. Prior to versions 2025.12.5, 2026.2.3, and 2026.5.1, authentik's SAML Source ACS endpoint is vulnerable to XML Signature Wrapping when validating upstream SAML responses. An attacker with any account at the upstream IdP can reuse a valid signed...

CVSS 8.5, AI score 5.8, EPSS 0.00063
Exploits 0, References 1
Vulnrichment
added 2 days ago, 2 views

CVE-2026-47201 authentik: XML Signature Wrapping in SAML Source ACS allows authentication as arbitrary federated user

authentik is an open-source identity provider. Prior to versions 2025.12.5, 2026.2.3, and 2026.5.1, authentik's SAML Source ACS endpoint is vulnerable to XML Signature Wrapping when validating upstream SAML responses. An attacker with any account at the upstream IdP can reuse a valid signed...

CVSS 8.5, AI score 5.8, EPSS 0.00063
Exploits 0, References 1
Cvelist
added 2 days ago, 22 views

CVE-2026-47201 authentik: XML Signature Wrapping in SAML Source ACS allows authentication as arbitrary federated user

authentik is an open-source identity provider. Prior to versions 2025.12.5, 2026.2.3, and 2026.5.1, authentik's SAML Source ACS endpoint is vulnerable to XML Signature Wrapping when validating upstream SAML responses. An attacker with any account at the upstream IdP can reuse a valid signed...

CVSS 8.5, EPSS 0.00063
Exploits 0, References 1
OSV
added 6 days ago, 4 views

GHSA-C3M2-JQMQ-PVP3 authentik's XML Signature Wrapping in SAML Source ACS allows authentication as arbitrary federated user

Summary: authentik's SAML Source ACS endpoint is vulnerable to XML Signature Wrapping when validating upstream SAML responses. An attacker with any account at the upstream IdP can reuse a valid signed assertion to authenticate as another federated user. Patches: authentik 2026.5.1, 2026.2.4 and...

CVSS 8.5, AI score 5.8, EPSS 0.00063
Exploits 0, References 3
Github Security Blog
added 6 days ago, 15 views

authentik's XML Signature Wrapping in SAML Source ACS allows authentication as arbitrary federated user

Summary: authentik's SAML Source ACS endpoint is vulnerable to XML Signature Wrapping when validating upstream SAML responses. An attacker with any account at the upstream IdP can reuse a valid signed assertion to authenticate as another federated user. Patches: authentik 2026.5.1, 2026.2.4 and...

CVSS 8.5, AI score 5.8, EPSS 0.00063
Exploits 0, References 3, Affected Software 1
Positive Technologies
added 6 days ago, 6 views

PT-2026-45029

Name of the Vulnerable Software and Affected Versions: authentik versions prior to 2025.12.5; authentik versions prior to 2026.2.3; authentik versions prior to 2026.5.1. Description: The SAML Source ACS endpoint is susceptible to XML Signature Wrapping, a technique where a valid signature is used to...

CVSS 8.5, AI score 5.8, EPSS 0.00063
Exploits 0, References 7
Tenable Nessus
added 2026/02/13 12:0 a.m., 4 views

SAP NetWeaver AS ABAP XML Signature Wrapping (3697567)

The version of SAP NetWeaver AS ABAP and ABAP Platform detected on the remote host is affected by an XML signature wrapping vulnerability as disclosed in the SAP Security Patch Day February 2026: - SAP NetWeaver AS ABAP and ABAP Platform is affected by an XML signature wrapping vulnerability. An...

CVSS 8.8, AI score 5.6, EPSS 0.00019
Exploits 0, References 2
Cvelist
added 2026/02/10 3:2 a.m., 26 views

CVE-2026-23687 XML Signature Wrapping in SAP NetWeaver AS ABAP and ABAP Platform

SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This may result in acceptance of tampered identity information, unauthorized access to sensitive...

CVSS 8.8, EPSS 0.00019
Exploits 0, References 2
Vulnrichment
added 2026/02/10 3:2 a.m., 2 views

CVE-2026-23687 XML Signature Wrapping in SAP NetWeaver AS ABAP and ABAP Platform

SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This may result in acceptance of tampered identity information, unauthorized access to sensitive...

CVSS 8.8, AI score 5.5, EPSS 0.00019
Exploits 0, References 2
CVE
added 2026/02/10 3:2 a.m., 10 views

CVE-2026-23687

CVE-2026-23687 affects SAP NetWeaver Application Server ABAP and ABAP Platform. An authenticated attacker with normal privileges can obtain a valid signed message and send modified signed XML to the verifier, potentially allowing tampered identity information and leading to unauthorized access to...

CVSS 8.8, AI score 5.5, EPSS 0.00019
Exploits 0, References 2, Affected Software 1
Tenable Nessus
added 2026/01/20 12:0 a.m., 4 views

MiracleLinux 8 : lasso-2.6.0-12.el8 (AXSA:2021-2745:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2745:02 advisory. lasso: XML signature wrapping vulnerability when parsing SAML responses CVE-2021-28091 Tenable has extracted the preceding description block directly from th...

CVSS 7.5, AI score 5.6, EPSS 0.00639
Exploits 0, References 2
Tenable Nessus
added 2026/01/20 12:0 a.m., 5 views

MiracleLinux 8 : libreoffice-6.4.7.2-10.el8.ML.1 (AXSA:2022-3720:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3720:01 advisory. libreoffice: Content Manipulation with Double Certificate Attack CVE-2021-25633 libreoffice: Timestamp Manipulation with Signature Wrapping...

CVSS 7.5, AI score 7.5, EPSS 0.00385
Exploits 0, References 4
Tenable Nessus
added 2026/01/19 12:0 a.m., 3 views

MiracleLinux 7 : lasso-2.5.1-8.0.1.el7.AXS7 (AXSA:2021-2283:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2283:01 advisory. lasso: XML signature wrapping vulnerability when parsing SAML responses CVE-2021-28091 Tenable has extracted the preceding description block directly from th...

CVSS 7.5, AI score 5.5, EPSS 0.00639
Exploits 0, References 2
Veracode
added 2025/12/13 8:4 a.m., 3 views

Authentication Bypass

ruby-saml is vulnerable to authentication bypass. The vulnerability is due to improper handling of libxml2 canonicalization in Nokogiri when processing invalid XML, which returns an empty string used for DigestValue calculation, allowing an attacker to perform a Signature Wrapping attack and bypa...

CVSS 9.3, AI score 5.8, EPSS 0.00048
Exploits 0, References 4, Affected Software 1
Veracode
added 2025/12/13 8:2 a.m., 2 views

Authentication Bypass

ruby-saml is vulnerable to authentication bypass. The vulnerability is due to inconsistent XML parsing between REXML and Nokogiri resulting in different document structures, which allows an attacker to perform a Signature Wrapping attack and bypass authentication...

CVSS 9.3, AI score 5.8, EPSS 0.0005
Exploits 0, References 4, Affected Software 1
Tenable Nessus
added 2025/12/11 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2025-66568

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ruby-saml library implements the client side of a SAML authorization. Versions up to and including 1.12.4 are vulnerable to authentication bypass through...

CVSS 9.3, AI score 5.7, EPSS 0.00048
Exploits 0, References 2
Tenable Nessus
added 2025/12/11 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2025-66567

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ruby-saml library is for implementing the client side of a SAML authorization. ruby-saml versions up to and including 1.12.4 contain an authentication bypas...

CVSS 9.8, AI score 8.7, EPSS 0.03321
Exploits 1, References 2
RedhatCVE
added 2025/12/10 2:32 a.m., 1 view

CVE-2025-66567

The ruby-saml library is for implementing the client side of a SAML authorization. ruby-saml versions up to and including 1.12.4 contain an authentication bypass vulnerability due to an incomplete fix for CVE-2025-25292. ReXML and Nokogiri parse XML differently, generating entirely different...

CVSS 9.8, AI score 9.4, EPSS 0.03321
Exploits 1, References 1