Skip to main content

Relyra EUVDEUVD-2026-37950

| CVE-2026-49454 CRITICAL
Improper Authentication (CWE-287)
2026-06-18 GitHub_M GHSA-jv46-xfwm-36j7
9.1
CVSS 3.1 · Vendor: GitHub_M
Share

Severity by source

Vendor (GitHub_M) PRIMARY
9.1 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
vuln.today AI
9.1 CRITICAL

SAML ACS is network-reachable with no auth or UI; forging a signature is trivial given the missing verify call, yielding full impersonation (C:H/I:H) but no availability impact.

3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (GitHub_M).

CVSS VectorVendor: GitHub_M

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None

Lifecycle Timeline

3
Patch available
Jun 18, 2026 - 23:16 EUVD
Source Code Evidence Fetched
Jun 18, 2026 - 21:50 vuln.today
Analysis Generated
Jun 18, 2026 - 21:50 vuln.today

DescriptionCVE.org

Relyra is a strict-by-default SAML 2.0 Service Provider library for Elixir and Phoenix. Versions 1.0.0 and 1.1.0 accept forged SAML signatures because SignatureValue was not cryptographically verified before the library returned a successful authentication result. The XMLDSig trust boundary was incomplete as :public_key.verify over the exclusive-C14N canonicalized SignedInfo was not performed against the configured IdP certificate's public key, DigestValue was not recomputed over the canonicalized referenced element, and canonicalize/2 remained an unused passthrough in the signature-verification path. The result was a structure-only acceptance path where document shape and trust-source rejection could succeed without proving the signature bytes. A forged SignatureValue carrying an attacker-controlled NameID could be accepted as {:ok}. This issue has been fixed in version 1.2.0.

AnalysisAI

{:ok}. No public exploit identified at time of analysis, and the issue is fixed in 1.2.0.

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Recon
Identify Relyra-backed SAML ACS endpoint
Delivery
Obtain IdP entityID and metadata
Exploit
Craft SAML Response with attacker-chosen NameID
Install
Insert forged SignatureValue and DigestValue
C2
POST assertion to ACS callback
Execute
Library skips :public_key.verify and returns {:ok}
Impact
Session established as impersonated user

Vulnerability AssessmentAI

Exploitation Exploitation requires only that the target Phoenix or Elixir application is running Relyra 1.0.0 or 1.1.0 and exposes a SAML ACS endpoint reachable by the attacker; no authentication, no user interaction, no non-default configuration, and no specific IdP is required because the missing :public_key.verify call and missing DigestValue recomputation are unconditional in the affected versions. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 9.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) is well-supported by the technical facts: the SAML ACS endpoint is internet-reachable, no prior authentication or user interaction is needed, and successful exploitation grants the attacker any identity the IdP could assert, which is precisely a high-confidentiality and high-integrity impact with no availability hit. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who knows the URL of a Relyra-protected Phoenix application's SAML ACS endpoint and the IdP entityID crafts a SAML Response containing a valid-looking Assertion with the victim's email or username in the NameID, a syntactically correct ds:Signature block, and arbitrary bytes in SignatureValue. They POST it to the SP, which performs structural and trust-source checks but never verifies the signature, and the application logs the attacker in as the victim - typically yielding admin or privileged access. …
Remediation Vendor-released patch: upgrade Relyra to version 1.2.0, which introduces a real cryptographically_verify path that calls :public_key.verify over exclusive-C14N canonicalized SignedInfo against the configured IdP certificate and recomputes DigestValue over the canonicalized referenced element, failing closed on every step (see https://github.com/szTheory/relyra/commit/2e456897af3158c175bb490ce7fc51d6241c8922 and the advisory at https://github.com/szTheory/relyra/security/advisories/GHSA-jv46-xfwm-36j7). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify all systems running affected versions and isolate critical instances if patching cannot be completed immediately. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-37950 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy