SAML
Sentry CVE-2026-42354: Incomplete Fix Reopens SAML SSO Account Takeover
Sentry self-hosted is vulnerable again to cross-organization SAML account takeover, three months after CVE-2026-27197 was supposedly patched. Upgrade to 26.4.1.
CVE-2026-3055: NetScaler SAML IDP Memory Overread Is Under Active Recon — Patch Before April 2
Attackers are actively probing Citrix NetScaler ADC/Gateway for CVE-2026-3055, a CVSS 9.3 memory overread that can leak session tokens from SAML IDP-configured appliances. CISA deadline is April 2.