Spring Security 7.0.0-7.0.5 - Stored Serialized Payload via JdbcAPMRepo
CVE-2026-40993 Published on June 9, 2026

Unfiltered Java Native Deserialization of SAML 2.0 Asserting Party Credentials BLOB Database Entry
An attacker with write permissions to the database table managed by JdbcAssertingPartyMetadataRepository (saml2_asserting_party_metadata) may be able to store malicious serialized payloads in the columns containing the collection of verification or encryption credentials (verification_credentials and encryption_credentials, respectively). Affected versions: Spring Security 7.0.0 through 7.0.5.
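The following is an added illustration, not code from this page or from Spring Security: it shows the mitigation a defender would want for a column such as verification_credentials or encryption_credentials, reading the serialized BLOB through a JDK ObjectInputFilter (JEP 290) allowlist rather than a bare ObjectInputStream.readObject(). The DemoCredential class, the filter patterns and the sample BLOBs are constructed assumptions for the demo.

```java
import java.io.*;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;

// Added illustration, not Spring Security's code: a serialized credentials BLOB is read
// through a JDK (JEP 290) deserialization allowlist instead of a bare readObject().
public final class FilteredCredentialReader {
    // Stand-in for the credential type the column is expected to hold (assumption).
    static final class DemoCredential implements Serializable {
        private static final long serialVersionUID = 1L;
        final byte[] der;
        DemoCredential(byte[] der) { this.der = der; }
    }

    // Allow only the expected credential class and the list wrapping it; "!*" rejects
    // every other class. The limits bound nesting depth, object count and stream size.
    static final ObjectInputFilter CREDENTIAL_FILTER = ObjectInputFilter.Config.createFilter(
        "maxdepth=8;maxrefs=2048;maxbytes=1048576;"
        + "FilteredCredentialReader$DemoCredential;java.util.ArrayList;!*");

    // A bare `new ObjectInputStream(blob).readObject()` is the vulnerable pattern: any
    // serializable class on the classpath may be instantiated. With the filter set, every
    // class descriptor in the stream is checked before an instance of it is created.
    static Object readFiltered(byte[] blob) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(blob))) {
            in.setObjectInputFilter(CREDENTIAL_FILTER);
            return in.readObject();
        }
    }

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(bos)) { out.writeObject(o); }
        return bos.toByteArray();
    }

    public static void main(String[] args) throws Exception {
        List<DemoCredential> creds = new ArrayList<>();
        creds.add(new DemoCredential(new byte[] {0x30, 0x03, 0x02, 0x01, 0x01}));
        System.out.println("accepted, entries=" + ((List<?>) readFiltered(serialize(creds))).size());
        // Constructed stand-in for an unexpected class stored in the column: the filter
        // rejects it before any readObject/readResolve logic of that class can run.
        try {
            readFiltered(serialize(new HashMap<String, String>()));
        } catch (InvalidClassException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

In a real deployment the allowlist must name exactly the credential and collection types the repository writes; anything narrower breaks legitimate reads, anything wider (a package wildcard, or no `!*`) reopens the gadget surface.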

Vulnerability Analysis

Attack Vector: ADJACENT_NETWORK
Attack Complexity: HIGH
Privileges Required: HIGH
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: NONE
Integrity Impact: HIGH
Availability Impact: HIGH

Weakness Type

What is a Marshaling, Unmarshaling Vulnerability?

The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

CVE-2026-40993 has been classified as a Marshaling, Unmarshaling vulnerability or weakness.


Products Associated with CVE-2026-40993

Affected Versions

Spring Security: