Ory Polis
1 CVEs affecting Ory Polis. Latest disclosed: 2026-03-26. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-33506 | High | 8.8 | 2026-03-26 | Ory Polis, formerly known as BoxyHQ Jackson, bridges or proxies a SAML login flow to OAuth 2.0 or OpenID Connect. Versions prior to 26.2.0 contain a DOM-based… |