CYBERHAWK / CVE / CVE-2026-46490

CVE-2026-46490

HIGH CVSS 8.8 other

The flaw

samlify is a Node.js library for SAML single sign-on. Prior to version 2.13.0, samlify’s template substitution only escapes attribute contexts. Values inserted into element text (e.g., <saml:AttributeValue>) are not escaped. A normal user c

What to do

Review advisory and patch per vendor guidance.

▸ Scan my repo for CVE-2026-46490

References

NVD CISA KEV OSV GitHub Advisory MITRE News search

First seen 2026-06-12 · Tracked by PickBits CyberHawk · Weekly CVE digest

← All CVEs RSS Scheduled audits