Published: Wednesday, 10 December 2025 at 12:32 UTC
Updated: Wednesday, 21 January 2026 at 10:34 UTC
This post shows how to achieve a full authentication bypass in the Ruby and PHP SAML ecosystem by exploiting several parser-level inconsistencies, including attribute pollution, namespace confusion, and a new class of Void Canonicalization attacks. These techniques allow an attacker to completely b...
