CVE-2026-41005
Cloud Foundry UAA (uaa_release 2.0.0–78.13.0) and CF Deployment up to 56.1.0 are affected by CVE-2026-41005, where XML encryption intended for confidentiality in SAML content was incorrectly treated as a substitute for XML signatures, enabling authentication bypass in two flows: OAuth 2.0 SAML2 b...