CVE-2026-40988
Status: Received - Intake
Denial of Service in Spring Security SAML 2.0

Publication date: 2026-06-10

Last updated on: 2026-06-10

Assigner: VMware

Description
An application using spring-security-saml2-service-provider and the REDIRECT binding for SAML 2.0 Login or Logout may be vulnerable to a denial of service by way of an unbounded writer that inflates the compressed SAML payload into memory. Affected versions: Spring Security 5.7.0 through 5.7.23; 5.8.0 through 5.8.25; 6.3.0 through 6.3.16; 6.4.0 through 6.4.16; 6.5.0 through 6.5.10; 7.0.0 through 7.0.5.
Meta Information
Generated: 2026-06-10
CVSS score: none recorded on this page
EPSS Evaluated: N/A (no probability or percentile recorded on this page)
Affected Vendors & Products (6 associated CPEs)

Vendor   Product          Version range (both ends inclusive)
vmware   spring_security  5.7.0 to 5.7.23
vmware   spring_security  5.8.0 to 5.8.25
vmware   spring_security  6.3.0 to 6.3.16
vmware   spring_security  6.4.0 to 6.4.16
vmware   spring_security  6.5.0 to 6.5.10
vmware   spring_security  7.0.0 to 7.0.5
CWE
CWE-400 (Uncontrolled Resource Consumption): The product does not properly control the allocation and maintenance of a limited resource.
Executive Summary

CVE-2026-40988 affects applications that use the Spring Security SAML 2.0 Service Provider (spring-security-saml2-service-provider) with the REDIRECT binding for SAML 2.0 Login or Logout.

In the REDIRECT binding the SAML message travels as a DEFLATE-compressed, base64-encoded query parameter. The service provider inflates that parameter with a writer that places no bound on the decompressed size, so a small, specially crafted request can expand into a very large in-memory buffer.

Because the SAML login and logout endpoints are reached before any user is authenticated, any client that can send an HTTP request to them can exhaust the application's memory, crashing it or severely degrading its performance.

Impact Analysis

The result is a denial of service: processing a malicious payload exhausts memory, so the affected application can become unresponsive or crash, disrupting authentication and single logout for every user of the application.

No CVSS score is recorded on this page, but the exposure is to availability: the affected endpoints accept unauthenticated requests, and a compressed payload costs the attacker only a few kilobytes per request while the service provider pays for the full inflated size.

Mitigation Strategies

Upgrade to a Spring Security release newer than the affected range listed above for the version series in use (5.7.x, 5.8.x, 6.3.x, 6.4.x, 6.5.x or 7.0.x).

As a precaution, or where an upgrade cannot be applied immediately, disable SAML Responses in GET requests, i.e. stop accepting the REDIRECT binding; the HTTP-POST binding carries the message base64-encoded without DEFLATE compression and so does not exercise the unbounded inflater.

Fixes for some of the listed version series may be available only through Enterprise Support.
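The mechanism described in the Executive Summary and the reason the REDIRECT-binding mitigation works can both be seen in a few lines. The following is an added illustration, not code from Spring Security (whose inflater is Java's java.util.zip.Inflater): it encodes a message the way the SAML 2.0 HTTP-Redirect binding does (raw DEFLATE, base64, URL-encoding), shows the vulnerable pattern of inflating without an output bound next to a bounded inflater that aborts as soon as the cap is crossed, and builds a constructed decompression bomb to feed both. The sample AuthnRequest, the bomb and the MAX_INFLATED_BYTES cap are all assumptions of this example, not values taken from the advisory or from Spring Security.

```python
"""
Added illustration (not Spring Security code): SAML 2.0 HTTP-Redirect binding
encoding, an unbounded inflater beside a bounded one, and a constructed
decompression bomb to exercise both. MAX_INFLATED_BYTES is an assumed cap for
this example, not a Spring Security setting.
"""
import base64
import urllib.parse
import zlib

MAX_INFLATED_BYTES = 1024 * 1024  # assumed policy limit for this example


class PayloadTooLarge(Exception):
    """Raised when a Redirect-binding parameter would inflate past the cap."""


def encode_redirect_param(xml: str) -> str:
    """Redirect binding encoding: raw DEFLATE (no zlib header) -> base64 -> URL-encode."""
    comp = zlib.compressobj(level=9, wbits=-15)
    deflated = comp.compress(xml.encode("utf-8")) + comp.flush()
    return urllib.parse.quote(base64.b64encode(deflated).decode("ascii"), safe="")


def _decode(param: str) -> bytes:
    """Reverse the URL-encoding and base64 layers, leaving the raw DEFLATE stream."""
    return base64.b64decode(urllib.parse.unquote(param))


def inflate_unbounded(param: str) -> bytes:
    """Vulnerable pattern: the whole inflated message is materialised in memory,
    however large it turns out to be."""
    return zlib.decompress(_decode(param), wbits=-15)


def inflate_bounded(param: str, limit: int = MAX_INFLATED_BYTES) -> bytes:
    """Hardened pattern: inflate incrementally and stop as soon as the output
    would exceed `limit`, before the rest of the bomb is ever expanded."""
    inflater = zlib.decompressobj(wbits=-15)
    out = bytearray()
    data = _decode(param)
    while not inflater.eof:
        # Ask for at most one byte more than we may still keep, so crossing the
        # limit is detected without allocating anything beyond it.
        chunk = inflater.decompress(data, max_length=limit + 1 - len(out))
        out += chunk
        if len(out) > limit:
            raise PayloadTooLarge(f"inflated size exceeds {limit} bytes")
        data = inflater.unconsumed_tail
        if not chunk and not data:
            raise ValueError("truncated DEFLATE stream")
    return bytes(out)


def accepts(param: str, limit: int = MAX_INFLATED_BYTES) -> bool:
    """True if the bounded inflater admits `param`, False if it rejects it as a bomb."""
    try:
        inflate_bounded(param, limit)
        return True
    except PayloadTooLarge:
        return False


def build_bomb(padding_bytes: int = 8 * 1024 * 1024) -> str:
    """Constructed decompression bomb: a Response element padded with whitespace,
    which DEFLATE shrinks by roughly 1000:1 on the wire."""
    xml = ('<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">'
           + " " * padding_bytes + "</samlp:Response>")
    return encode_redirect_param(xml)


SAMPLE_AUTHN_REQUEST = (  # constructed minimal AuthnRequest for the benign case
    '<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    'ID="_example" Version="2.0" IssueInstant="2026-06-10T00:00:00Z">'
    '<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">'
    'https://sp.example/saml2/service-provider-metadata/one</saml:Issuer>'
    '</samlp:AuthnRequest>'
)


if __name__ == "__main__":
    benign = encode_redirect_param(SAMPLE_AUTHN_REQUEST)
    bomb = build_bomb()
    print(f"benign param: {len(benign)} bytes on the wire, accepted={accepts(benign)}")
    inflated = inflate_unbounded(bomb)
    print(f"bomb param:   {len(bomb)} bytes on the wire, "
          f"{len(inflated)} bytes after unbounded inflate "
          f"({len(inflated) // len(bomb)}:1), accepted={accepts(bomb)}")
```

The bounded inflater is the shape of the fix a practitioner should look for: the cap is enforced on the decompressed output as it is produced, not on the size of the query parameter, because the parameter is small by construction. The same check is what the POST binding sidesteps, since that binding carries the XML base64-encoded with no DEFLATE layer at all.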

Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.
