CVE Catalog

CVE-2026-40993

HighCVSS 7.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.20%

10th percentile - higher than 10% of all known CVEs

Summary

A vulnerability in Spring Security allows an attacker with write permissions to the database table managed by JdbcAssertingPartyMetadataRepository (saml2_asserting_party_metadata) to store malicious serialized payloads in the columns containing the collection of verification or encryption credentials (verification_credentials and encryption_credentials, respectively).

Risk Assessment

The risk involves potential remote code execution or privilege escalation through deserialization of malicious data, which could lead to application compromise or data breach.

Recommendation

Immediately update Spring Security to version 7.0.6 or later, which includes a fix for the vulnerability. Additionally, restrict write permissions to the saml2_asserting_party_metadata table to trusted entities only.

Original NVD description (English source)

An attacker with write permissions to the database table managed by JdbcAssertingPartyMetadataRepository (saml2_asserting_party_metadata) may be able to store malicious serialized payloads in the columns containing the collection of verification or encryption credentials (verification_credentials and encryption_credentials, respectively). Affected versions: Spring Security 7.0.0 through 7.0.5.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS