All 2 CVE vulnerabilities found in xml-security, with AI-generated Chinese analysis, references, and POCs.
Vendor: simplesamlphp
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-32600 | xml-security is Missing AES-GCM Authentication Tag Validation on Encrypted Nodes Allows for Unauthorized Decryption CWE-354 | 8.2 | High | 2026-03-13 |
| CVE-2023-49087 | Validation of SignedInfo CWE-345 | 6.8 | Medium | 2023-11-30 |
All 2 known CVE vulnerabilities affecting xml-security with full Chinese analysis, references, and POCs where available.