CVE-2025-47949 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	UNKNOWN				---
GitHub_M	CNA	---				---
CISA-ADP	ADP	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 4%

Common Weakness Enumeration

CWE-347 - Improper Verification of Cryptographic Signature
The software does not verify, or incorrectly verifies, the cryptographic signature for data.

Vulnerability Media Exposure

[GERMAN] Authentifizierung: Kritische Lücke in Samlify macht Angreifer zu Admins
Ein Sicherheitsupdate schließt eine Schwachstelle in der SAML-Bibiliothek Samlify. Attacken sollen vergleichsweise einfach sein.
Published: 2025-05-22T08:23:00+00:00
[ENGLISH] ⚡ Weekly Recap: APT Campaigns, Browser Hijacks, AI Malware, Cloud Breaches and Critical CVEs
Cyber threats don't show up one at a time anymore. They’re layered, planned, and often stay hidden until it’s too late. For cybersecurity teams, the key isn’t just reacting to alerts—it’s spotting early signs of trouble before they become real threats. This update is designed to deliver clear, accurate insights based on real patterns and changes we can verify. With today’s complex systems, we
Published: 2025-05-26T14:53:00+05:30

References

https://github.com/tngan/samlify/commit/115679acd89f0a37ea3ebd8fff7db54fca3e8af3

https://github.com/tngan/samlify/security/advisories/GHSA-r683-v43c-6xqv