PKSA-yk3g-3g3t-ts6q Security Advisory
-
[HIGH] SimpleSAMLphp HTTP-Artifact TLS validator confusion allows cross-IdP authentication bypass
PKSA-yk3g-3g3t-ts6q CVE-2026-49283 GHSA-6929-8p9f-26jx
Affected package: simplesamlphp/saml2
Affected version: <4.20.2|>=5.0.0,<5.0.6|>=6.0.0,<6.2.1
Reported by:
GitHub