What is CVE-2026-41669?

CVE-2026-41669 is a high-severity vulnerability in Admidio, classified under Improper Verification of Cryptographic Signature. CVSS score: 8.2/10. Published 2026-05-07.

How severe is CVE-2026-41669?

High severity. CVSS v3 base score is 8.2 out of 10.

Vulnerability in Admidio

CVE-2026-41669

Admidio is an open-source user management solution. Prior to version 5.0.9, the Admidio SAML Identity Provider implementation discards the return value of its validateSignature() method at both call sites (handleSSORequest() line 418 and h…

EPSS: 0.000 (0.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.2 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N.

Affected products

Admidio — versions < 5.0.9

Weakness classification (CWE)

CWE-347 — Improper Verification of Cryptographic Signature

References

https://github.com/Admidio/admidio/releases/tag/v5.0.9 (x_refsource_MISC)
https://github.com/Admidio/admidio/security/advisories/GHSA-25cw-98hg-g3cg (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2026-41669?: CVE-2026-41669 is a high-severity vulnerability in Admidio, classified under Improper Verification of Cryptographic Signature. CVSS score: 8.2/10. Published 2026-05-07.
How severe is CVE-2026-41669?: High severity. CVSS v3 base score is 8.2 out of 10.