SAP NetWeaver AS ABAP XML Signature Wrapping in SAML Authentication (3746332)

The version of SAP NetWeaver AS ABAP and ABAP Platform detected on the remote host is affected by an XML signature wrapping vulnerability in SAML authentication as referenced in SAP Security Note 3746332: - SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker...

EUVD-2026-36311

Cloud Foundry UAA incorrectly treated XML encryption to the Service Provider confidentiality as a substitute for XML signatures from the Identity Provider authenticity in two SAML flows: the OAuth 2.0 SAML2 bearer grant token endpoint and browser SSO ACS when wantAssertionSigned is set to false...

CVE-2026-44748 XML Signature Wrapping in SAML Authentication in SAP NetWeaver AS ABAP and ABAP Platform

SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This may result in acceptance of tampered identity information leading to unauthorized access to...

CVE-2026-44748

CVE-2026-44748 affects SAP NetWeaver Application Server ABAP and ABAP Platform. The connected documents describe an XML Signature Wrapping vulnerability in SAML authentication, where an authenticated user with normal privileges can obtain a valid signed message and submit modified signed XML to t...

CVE-2026-44748 XML Signature Wrapping in SAML Authentication in SAP NetWeaver AS ABAP and ABAP Platform

SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This may result in acceptance of tampered identity information leading to unauthorized access to...

EUVD-2026-34027

authentik is an open-source identity provider. Prior to versions 2025.12.5, 2026.2.3, and 2026.5.1, authentik's SAML Source ACS endpoint is vulnerable to XML Signature Wrapping when validating upstream SAML responses. An attacker with any account at the upstream IdP can reuse a valid signed...

CVE-2026-47201 authentik: XML Signature Wrapping in SAML Source ACS allows authentication as arbitrary federated user

authentik is an open-source identity provider. Prior to versions 2025.12.5, 2026.2.3, and 2026.5.1, authentik's SAML Source ACS endpoint is vulnerable to XML Signature Wrapping when validating upstream SAML responses. An attacker with any account at the upstream IdP can reuse a valid signed...

CVE-2026-47201

The CVE-2026-47201 entry affects authentik’s SAML Source ACS endpoint, where XML Signature Wrapping can allow an attacker with any upstream-IdP account to authenticate as a different federated user. The issue arises during validation of upstream SAML responses and has been patched in authentik ve...

authentik's XML Signature Wrapping in SAML Source ACS allows authentication as arbitrary federated user

Summary authentik's SAML Source ACS endpoint is vulnerable to XML Signature Wrapping when validating upstream SAML responses. An attacker with any account at the upstream IdP can reuse a valid signed assertion to authenticate as another federated user. Patches authentik 2026.5.1, 2026.2.4 and...

PT-2026-45029

Name of the Vulnerable Software and Affected Versions authentik versions prior to 2025.12.5 authentik versions prior to 2026.2.3 authentik versions prior to 2026.5.1 Description The SAML Source ACS endpoint is susceptible to XML Signature Wrapping, a technique where a valid signature is used to...

SAP NetWeaver AS ABAP XML Signature Wrapping (3697567)

The version of SAP NetWeaver AS ABAP and ABAP Platform detected on the remote host is affected by an XML signature wrapping vulnerability as disclosed in the SAP Security Patch Day February 2026: - SAP NetWeaver AS ABAP and ABAP Platform is affected by an XML signature wrapping vulnerability. An...

CVE-2026-23687 XML Signature Wrapping in SAP NetWeaver AS ABAP and ABAP Platform

SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This may result in acceptance of tampered identity information, unauthorized access to sensitive...

MiracleLinux 8 : dotnet6.0-6.0.108-1.el8.ML.1 (AXSA:2022-3785:11)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3785:11 advisory. dotnet: External Entity Injection during XML signature verification CVE-2022-34716 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : dotnet6.0-6.0.108-1.el9.ML.1 (AXSA:2022-4039:17)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4039:17 advisory. dotnet: External Entity Injection during XML signature verification CVE-2022-34716 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : lasso-2.6.0-12.el8 (AXSA:2021-2745:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2745:02 advisory. lasso: XML signature wrapping vulnerability when parsing SAML responses CVE-2021-28091 Tenable has extracted the preceding description block directly from th...

MiracleLinux 7 : java-1.7.0-openjdk-1.7.0.261-2.6.22.2.0.1.el7.AXS7 (AXSA:2020-029:05)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-029:05 advisory. OpenJDK: Incorrect bounds checks in NIO Buffers Libraries, 8234841 CVE-2020-2803 OpenJDK: Incorrect type checks in MethodType.readObject Libraries,...

MiracleLinux 7 : lasso-2.5.1-8.0.1.el7.AXS7 (AXSA:2021-2283:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2283:01 advisory. lasso: XML signature wrapping vulnerability when parsing SAML responses CVE-2021-28091 Tenable has extracted the preceding description block directly from th...

CVE-2024-34581

The W3C XML Signature Syntax and Processing XMLDsig specification, starting with 1.0, was originally published with a "RetrievalMethod is a URI ... that may be used to obtain key and/or certificate information" statement and no accompanying information about SSRF risks, and this may have...

CVE-2025-40934

CVE-2025-40934 affects the Perl module XML-Sig (versions 0.27–0.67). Multiple sources confirm that unsigned XML files are incorrectly validated: an attacker can remove a signature and have the validator return true, bypassing verification. Red Hat, EU/ENISA, OSV, NVD, and security trackers corrob...

perl-XML-Sig 安全漏洞

perl-XML-Sig is a Net::SAML2 Perl Support open source package for signing and validating XML digital signatures. A security vulnerability exists in perl-XML-Sig versions 0.27 through 0.67, which originates from incorrectly validating unsigned XML files...