CVE-2026-46490: samlify: XML Injection in AttributeValue Allows Privilege Escalation in Signed SAML Assertions

May 21, 2026 (updated June 9, 2026)

samlify’s template substitution only escapes attribute contexts. Values inserted into element text (e.g., <saml:AttributeValue>) are not escaped. A normal user can inject XML markup into an attribute value (e.g., email, name) and add new <saml:Attribute> elements inside the signed assertion. The IdP then signs the tampered assertion and the SP accepts the injected attributes as trusted. This allows privilege escalation when attributes are used for authorization (roles/groups).

References

github.com/advisories/GHSA-34r5-q4jw-r36m
github.com/tngan/samlify/security/advisories/GHSA-34r5-q4jw-r36m
nvd.nist.gov/vuln/detail/CVE-2026-46490

Code Behaviors & Features

Detect and mitigate CVE-2026-46490 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →