CVE-2025-47949 – Samlify SAML Response Signature Wrapping Vulnerability

May 19, 2025

CVE ID : CVE-2025-47949

Published : May 19, 2025, 8:15 p.m. | 2 hours, 33 minutes ago

Description : samlify is a Node.js library for SAML single sign-on. A Signature Wrapping attack has been found in samlify prior to version 2.10.0, allowing an attacker to forge a SAML Response to authenticate as any user. An attacker would need a signed XML document by the identity provider. Version 2.10.0 fixes the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-47946 – Symfony UX Twig Component Attribute Injection XSS

Next Article CVE-2025-47944 – Multer Denial of Service

Highlights

Microsoft warns of 66 flaws to fix for this Patch Tuesday, and two are under active attack

June 10, 2025

Microsoft warns of 66 flaws to fix for this Patch Tuesday, and two are under active attack

Patch Tuesday It’s Patch Tuesday time again, and Microsoft is warning that there are a bunch of critical fixes to sort out – and two actively exploited bugs.
Redmond reported 66 flaws to be fixed in i …
Read more

Published Date:
Jun 10, 2025 (1 hour, 25 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-47953

CVE-2025-47172

CVE-2025-47167

CVE-2025-47164

CVE-2025-47162

CVE-2025-33073

CVE-2025-33071

CVE-2025-33070

CVE-2025-33053

CVE-2025-32710

CVE-2025-29828

CVE-2025-42989

CVE-2025-47966

CVE-2025-5419

CVE-2023-42788

Stop writing tests: Automate fully with Generative AI

Opsera’s Codeglide.ai lets developers easily turn legacy APIs into MCP servers

Black Duck Security GitHub App, NuGet MCP Server preview, and more – Daily News Digest

10 Ways Node.js Development Boosts AI & Real-Time Data (2025-2026 Edition)

Agents panel: Launch Copilot coding agent tasks anywhere on GitHub

CodeSOD: I Am Not 200

How much RAM does your Linux PC really need in 2025?

Have solar at home? Supercharge that investment with this other crucial component

Understanding Tailwind CSS Safelist: Keep Your Dynamic Classes Safe!

Understanding Tailwind CSS Safelist: Keep Your Dynamic Classes Safe!

Sitecore’s Content SDK: Everything You Need to Know

Fueling Success Through Work-Life Balance and Self-Care

Why GNOME Replaced Eye of GNOME with Loupe as the Default Image Viewer

Why GNOME Replaced Eye of GNOME with Loupe as the Default Image Viewer

Microsoft admits it broke “Reset this PC” in Windows 11 23H2 KB5063875, Windows 10 KB5063709

How to Fix “EA AntiCheat Has Detected an Incompatible Driver” on Windows 11?

CVE-2025-47949 – Samlify SAML Response Signature Wrapping Vulnerability

Investors beware: AI-powered financial scams swamp social media

PyPI Blocks 1,800 Expired-Domain Emails to Prevent Account Takeovers and Supply Chain Attacks

Farmonics Dry Seeds Mix – 5-in-1 Superfood Blend for Daily Wellness

CVE-2025-46528 – Steve Availability Calendar CSRF Stored XSS

How To Enable Google AI Mode in India

Behind the Scenes: Building a Robust Ads Event Processing Pipeline

Microsoft warns of 66 flaws to fix for this Patch Tuesday, and two are under active attack

What I Wish Someone Told Me When I Was Getting Into ARIA

7 Ways to Improve Your Online Checkout Process in E-Commerce

CVE-2025-40579 – Siemens SCALANCE LPE9403 Stack-Based Buffer Overflow Vulnerability

CVE-2025-47949 – Samlify SAML Response Signature Wrapping Vulnerability

Related Posts