CVE-2025-66568

CriticalMedium RiskPatched

Ruby-SAML Authentication Bypass

CVSS Score

9.1

Severity

Critical

RubyGemsruby-samlv1.18.0View on RubyGems →

Fixed in: ruby-saml (RubyGems): 1.18.0

Weaponized

Detectable

Yes

CISA KEV

Not Listed

Risk Level

Medium Risk

Detection Sources

osv

Sign in to get the plain English explanation including what systems are affected, how to fix it, and vendor advisory links.

Published: 12/9/2025