CVE-2026-9096
Deferred Deferred - Pending Action
Casdoor SAML Assertion Time Validation Bypass

Publication date: 2026-05-28

Last updated on: 2026-06-02

Assigner: CERT/CC

Description
Casdoor versions 2.362.0 and earlier do not enforce SAML assertion time bounds. The gosaml2 library reports all time-validation results, including NotOnOrAfter and NotBefore, in the assertionInfo.WarningInfo field. However, ParseSamlResponse() never reads this field, meaning that time bounds are computed by the library but silently discarded before the user session is issued.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-28
Last Modified
2026-06-02
Generated
2026-06-18
AI Q&A
2026-05-28
EPSS Evaluated
2026-06-16
NVD
CVE-2026-9096
EUVD
EUVD-2026-32950
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
casdoor casdoor to 2.362.0 (exc)
gosaml2 gosaml2 *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in Casdoor versions 2.362.0 and earlier, where the system does not enforce SAML assertion time bounds properly. Although the gosaml2 library detects and reports time-validation results such as NotOnOrAfter and NotBefore in the assertionInfo.WarningInfo field, the Casdoor function ParseSamlResponse() does not read this field. As a result, the time bounds are computed but ignored, allowing user sessions to be issued without verifying if the SAML assertion is within its valid time window.

Impact Analysis

Because Casdoor does not enforce the time validity of SAML assertions, an attacker could potentially use expired or not yet valid assertions to gain unauthorized access. This could lead to unauthorized user sessions being created, compromising the security of the system and potentially allowing attackers to impersonate users or access sensitive information.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-9096. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart