PT-2026-29675 · Drupal+1 · Saml Sso - Service Provider+1
Damien Mckenna +4 · Published 2026-04-01 · Updated 2026-05-28
CVE-2026-5343
CVSS v3.1: 7.4 (High)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions
Drupal SAML SSO - Service Provider versions 0.0.0 through 3.1.3
Description
This module enables SAML-protocol-based single-sign-on (SSO) on a Drupal site. An improper check for unusual or exceptional conditions allows for an authentication bypass, which can lead to privilege escalation.
Recommendations
Update to version 3.1.4.
Fix
Improper Check for Exceptional Conditions
Weakness Enumeration
Related Identifiers
Affected Products
Saml Sso - Service Provider
Miniorange Drupal Saml Sp