AIKIDO-2026-11170

spring-security-saml2-service-provider is vulnerable to Improper Verification of Cryptographic Signature

Weakness: Improper Verification of Cryptographic Signature
CVE: CVE-2026-41694
Published Today

37

Low Risk

This Affects:

Java package org.springframework.security:spring-security-saml2-service-provider

  0.0.1 - 5.7.23    fixed in 5.7.24
  5.8.0 - 5.8.25    fixed in 5.8.26
  6.0.0 - 6.3.16    fixed in 6.3.17
  6.4.0 - 6.4.16    fixed in 6.4.17
  6.5.0 - 6.5.10    fixed in 6.5.11
  7.0.0 - 7.0.5     fixed in 7.0.6

TL;DR

Spring Security SAML decrypts SAML Responses, as well as encrypted elements of SAML LogoutRequests and LogoutResponses, before it has required a valid signature on the message. An attacker can therefore craft an unsigned message carrying ciphertext of their choosing (for example an EncryptedAssertion captured from a legitimate response) and have the Service Provider decrypt it with its own private key; whatever the Service Provider then reveals about the plaintext, through error messages or differing behaviour, turns it into a decryption oracle for data the attacker should never be able to read.

Who does this affect?

You are affected if your application uses a version of spring-security-saml2-service-provider within one of the vulnerable ranges above. The oracle only exists where the Service Provider is configured with a decryption credential, since that is the private key under which the attacker-supplied ciphertext is decrypted; a Service Provider that never decrypts has nothing to be used as an oracle. Note that the version is often managed by the Spring Boot BOM rather than declared directly in your build file, so check the resolved version, not the declared one.

Background info

spring-security-saml2-service-provider is vulnerable to Improper Verification of Cryptographic Signature in versions 0.0.1 - 5.7.23, 5.8.0 - 5.8.25, 6.0.0 - 6.3.16, 6.4.0 - 6.4.16, 6.5.0 - 6.5.10 and 7.0.0 - 7.0.5.

How to fix this

Upgrade the org.springframework.security:spring-security-saml2-service-provider library to the fixed release for the branch you are on: 5.7.24, 5.8.26, 6.3.17, 6.4.17, 6.5.11 or 7.0.6. Confirm the resolved version afterwards with `mvn dependency:tree` or `gradle dependencies`, since a Spring Boot BOM or a transitive dependency can pin an older version than the one you intended.
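As an added example (not code from this advisory or from the Spring Security project), the script below answers both the "who is affected" and the "how to fix" questions for a Maven build: it encodes the affected ranges and fix versions from the table on this page, extracts the resolved version of the artifact from `mvn dependency:tree` output, and reports which fixed release to move to. The dependency-tree text embedded in it is a constructed sample, not output from a real build; the group and artifact id are the real Maven coordinates.

```python
"""
Check whether the resolved spring-security-saml2-service-provider version falls
inside the affected ranges from this advisory and, if so, which release fixes it.

The ranges and fix versions are copied from the advisory. The dependency:tree
sample below is constructed for illustration, not captured from a real build.
"""
import re
import sys

ARTIFACT = "org.springframework.security:spring-security-saml2-service-provider"

# (first affected, last affected, fixed in) per release branch, from the advisory.
AFFECTED_RANGES = [
    ("0.0.1", "5.7.23", "5.7.24"),
    ("5.8.0", "5.8.25", "5.8.26"),
    ("6.0.0", "6.3.16", "6.3.17"),
    ("6.4.0", "6.4.16", "6.4.17"),
    ("6.5.0", "6.5.10", "6.5.11"),
    ("7.0.0", "7.0.5", "7.0.6"),
]


def parse_version(version):
    """Turn 'major.minor.patch[qualifier]' into a comparable integer tuple.

    Only the numeric components take part in the comparison; a trailing
    qualifier such as '.RELEASE' or '-SNAPSHOT' is ignored, and missing
    components are padded with 0.
    """
    m = re.match(r"^(\d+)(?:\.(\d+))?(?:\.(\d+))?", version)
    if not m:
        raise ValueError(f"unrecognised version: {version!r}")
    return tuple(int(part) if part is not None else 0 for part in m.groups())


def fix_for(version):
    """Return the release to upgrade to, or None if the version is not affected."""
    v = parse_version(version)
    for low, high, fixed in AFFECTED_RANGES:
        if parse_version(low) <= v <= parse_version(high):
            return fixed
    return None


# Constructed sample of `mvn dependency:tree` output (format:
# groupId:artifactId:type:version:scope); the affected line is the third one.
SAMPLE_TREE = """\
[INFO] com.example:webapp:war:1.0.0
[INFO] +- org.springframework.security:spring-security-web:jar:6.4.16:compile
[INFO] +- org.springframework.security:spring-security-saml2-service-provider:jar:6.4.16:compile
[INFO] |  \\- org.opensaml:opensaml-saml-impl:jar:4.3.2:compile
[INFO] \\- org.springframework.boot:spring-boot-starter-web:jar:3.4.0:compile
"""


def find_versions(tree_text):
    """Extract every resolved version of the SAML2 SP artifact from Maven tree output."""
    pattern = re.compile(re.escape(ARTIFACT) + r":jar:([^:\s]+):")
    return pattern.findall(tree_text)


def check_tree(tree_text):
    """Map each resolved version of the artifact to its fix release (None if not affected)."""
    return {ver: fix_for(ver) for ver in find_versions(tree_text)}


if __name__ == "__main__":
    # Pipe real `mvn dependency:tree` output in; otherwise the constructed sample is used.
    text = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_TREE
    results = check_tree(text)
    if not results:
        print(f"{ARTIFACT} not found in dependency tree")
    for ver, fixed in results.items():
        status = f"AFFECTED, upgrade to {fixed}" if fixed else "not affected"
        print(f"{ARTIFACT}:{ver} -> {status}")
```

Run it as `mvn dependency:tree | python check_saml2.py` (the file name is arbitrary). The regex matches Maven's `group:artifact:type:version:scope` lines only; Gradle's `dependencies` task prints `group:artifact:version` and `-> resolved` arrows, so it would need its own pattern. Versions in the gaps between branches (5.7.24 up to 5.8.0, 6.3.17 up to 6.4.0, and so on) are correctly reported as not affected, because they are later than the last affected release on their branch.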