CVE-2026-9090
CVE-2026-9090
CVSS Score
9.1
EPSS Score
0.0%
EPSS Percentile
1th
Casdoor versions 2.362.0 and earlier contain a vulnerability that allows an attacker to bypass authentication by supplying an arbitrary signing certificate. The buildSpCertificateStore function extracts the X.509 certificate directly from the incoming SAMLResponse instead of using the trusted pre-configured Identity Provider certificate, allowing an attacker to forge assertions signed with an attacker-controlled key.
| Vendor | casdoor |
| Product | casdoor |
| Published | May 28, 2026 |
| Last Updated | May 29, 2026 |
Stay Ahead of the Next One
Get instant alerts for casdoor casdoor
Be the first to know when new critical vulnerabilities affecting casdoor casdoor are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Casdoor / Casdoor
0 โค 2.362.0