CVE-2025-47949

Published May 19, 2025

Last updated a month ago

Overview

Description
samlify is a Node.js library for SAML single sign-on. A Signature Wrapping attack has been found in samlify prior to version 2.10.0, allowing an attacker to forge a SAML Response to authenticate as any user. An attacker would need an XML document signed by the identity provider. Version 2.10.0 fixes the issue.
Source
security-advisories@github.com
NVD status
Awaiting Analysis

Risk scores

CVSS 4.0

Type
Secondary
Base score
9.9
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
CRITICAL

Weaknesses

security-advisories@github.com
CWE-347

Social media

Hype score
Not currently trending
  1. samlify SAML library vulnerability CVE-2025-47949 FIXED: emergence of the SSW attack vector and its impact on enterprises https://t.co/yjEq0kpEd0 samlify, a SAML library for Node.js, has a CVSSv4 score of 9.9

    @iototsecnews

    2 Jun 2025

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. https://t.co/YwmzMhKsw3 Information on the likelihood and impact of CVE-2025-47949

    @BentleyAudrey

    29 May 2025

    374 Impressions

    0 Retweets

    5 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. A critical vulnerability (CVE-2025-47949) in the Samlify library allows admin impersonation via unsigned SAML assertions. Users should upgrade to version 2.10.0 despite no active exploitation reported. Immediate action advised. #Security https://t.co/OadwoqUkRb

    @Strivehawk

    22 May 2025

    22 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. 🛑 Critical Samlify SSO Flaw Enables Admin Login Bypass CVE-2025-47949 lets attackers inject unsigned assertions to hijack admin sessions. No interaction needed. Patch to 2.10.0 now! https://t.co/HbIdmKLpaj #SSO #CyberSecurity #Infosec https://t.co/a8Ik5acdzG

    @dCypherIO

    22 May 2025

    27 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. From Recall to the Versa bugs: a fragile and easily compromised digital identity ecosystem Cybersecurity, Active Directory, authentication bypass, CVE-2025-34025, CVE-2025-47949, SD-WAN orchestration, SAML parsing flaw, Samlify, Signal DRM, SS… https://t.co/UI4GpELa

    @matricedigitale

    22 May 2025

    27 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. 🚨 A critical #vulnerability in the Samlify library (CVE-2025-47949) allows attackers to bypass authentication and impersonate admin users. This flaw affects all versions prior to 2.10.0, posing a high-priority risk for SAML-based #SSO systems☝️ https://t.co/OFLI9HPG4r

    @manuelbissey

    22 May 2025

    38 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. CVE-2025-47949: Samlify Vulnerability Allows Admin Account Takeover #Samlify #CVE202547949 #CyberSecurity #SSOExploit #NodeJS #AdminTakeover #SAML #InfoSec #Vulnerability #UpdateNow https://t.co/kwoyN02n1a

    @cyashadotcom

    22 May 2025

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. A critical flaw in Samlify SSO lets attackers log in as administrators (CVE-2025-47949) https://t.co/mYVyOoYN0c #Security #セキュリティ #ニュース

    @SecureShield_

    22 May 2025

    29 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. A critical vulnerability (CVE-2025-47949) in Samlify before version 2.10.0 allows attackers to impersonate admins via malicious SAML assertions, risking full access. No active exploits reported. 🔐 #SAML #Security #UK https://t.co/zuu1grGzEL

    @TweetThreatNews

    21 May 2025

    76 Impressions

    0 Retweets

    1 Like

    1 Bookmark

    0 Replies

    0 Quotes

  10. Critical vulnerability in samlify (CVE-2025-47949) lets attackers bypass auth and impersonate admins via SAML signature wrapping. Patch to v2.10.0 now. Details: https://t.co/SXDoRC0cZw

    @RedTeamNewsBlog

    21 May 2025

    28 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. 🚨 We are warning of a critical vulnerability in the Node.js library samlify, CVE-2025-47949. Samlify is widely used to implement single sign-on (SSO) based on SAML 2.0. This bug allows attackers to exploit a weakness in SAML Signature Wrapping (SSW),

    @GOVCERT_CZ

    20 May 2025

    10 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. CVE-2025-47949 samlify is a Node.js library for SAML single sign-on. A Signature Wrapping attack has been found in samlify prior to version 2.10.0, allowing an attacker to forge a S… https://t.co/oC27I1NLou

    @CVEnew

    19 May 2025

    158 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. [CVE-2025-47949: CRITICAL] ⚠️ Attention Node.js developers! Address the Signature Wrapping attack in SAML single sign-on with samlify v2.10.0. Update now to secure your application. #cybersecurity #cve, CVE-2025-47949, #cybersecurity https://t.co/P5B30JY7AL https://t.co/Z1LVXQaR

    @CveFindCom

    19 May 2025

    30 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes