CVE-2025-66475

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions php-saml (affected versions not specified)

Description A signature wrapping issue exists in php-saml. The issue stems from a Libxml2 canonicalization error that can bypass digest and signature validation. This affects SimpleSAML, LightSAML, and OneLogin. The vulnerability is related to the SAML PHP Toolkit and xmlseclibs.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2025-66475

Affected Products

Lightsaml

Onelogin

Simplesaml

Php-Saml

Xmlseclibs

CVE-2025-66475

Related Identifiers

Affected Products

References · 2