[Low] CVE-2026-41694 – Since Spring Security SAML decrypts SAML Responses as well as elements of SAML L...
Low CVE-2026-41694 Since Spring Security SAML decrypts SAML Responses as well as elements of SAML LogoutRequests and LogoutResponses without requiring a valid signature, attackers may be able to craft these SAML payloads and use the Service Provider as a decryption oracle. Affected versions:...