Two critical authentication bypass vulnerabilities have been discovered in the ruby-saml library, potentially exposing numerous web applications to account takeover attacks. Security researchers from GitHub Security Lab have identified parser differential vulnerabilities (CVE-2025-25291 and CVE-2025-25292) affecting ruby-saml versions up to 1.17.0, which could allow attackers to impersonate any user within affected systems. GitHub reports that […]
The post Critical ruby-saml Vulnerabilities Let Attackers Bypass Authentication appeared first on Cyber Security News.