CVE-2026-40993 | Vmware Spring Security up to 7.0.5 Database Table JdbcAssertingPartyMetadataRepository saml2_asserting_party_metadata deserialization

A vulnerability was found in Vmware Spring Security up to 7.0.5 and classified as problematic. This vulnerability affects the function JdbcAssertingPartyMetadataRepository of the component Database Table Handler. Such manipulation of the argument saml2_asserting_party_metadata leads to deserialization.

This vulnerability is referenced as CVE-2026-40993. The attack needs to be initiated within the local network. No exploit is available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More