A critical vulnerability, tracked as CVE-2026-41005, has been identified in Cloud Foundry's User Account and Authentication (UAA) component. This flaw, scoring 9.0 on the CVSS scale, allows attackers to bypass SAML authentication by exploiting a logic error that incorrectly treats XML encryption as a proof of authenticity. Consequently, attackers can forge SAML assertions, leading to unauthorized access.
The vulnerability affects all uaa_release versions from 2.0.0 to 78.13.0 and necessitates immediate patching, with suggested upgrades to uaa_release 78.15.0 or higher. Disabling unsigned assertion acceptance is recommended as a temporary measure.
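The core of the flaw is a confusion between two different guarantees: encryption (only the intended service provider can read the assertion) and a signature (only the identity provider could have produced it). Because a service provider's encryption key is published in its metadata, anyone can produce a ciphertext that decrypts cleanly, so successful decryption says nothing about who authored the assertion. The following added example (not UAA's code, and not taken from the advisory) models that distinction in a simplified validator: HMAC-SHA256 stands in for XML-DSig, a toy XOR stream stands in for XML-Enc, and all key names, claim values and function names are constructed for illustration. It shows the flawed check that accepts any decryptable assertion beside the corrected check that verifies the signature regardless of encryption; the `require_signed` flag is a stand-in for the "accept unsigned assertions" setting the advisory mentions, and how that setting interacts with the real UAA code path is not described on the page.

```python
"""Simplified model of the assertion-acceptance logic error described above.
Constructed example, not UAA's code. Signing is modelled with HMAC-SHA256 and
encryption with a toy XOR stream; only the acceptance logic matters here."""
import hashlib
import hmac
import json
from dataclasses import dataclass
from typing import Optional

# Constructed keys. The IdP signing key is known only to the IdP. The SP
# encryption key stands in for the SP's *public* encryption key, which any
# party can read from SP metadata, so producing a valid ciphertext needs no secret.
IDP_SIGNING_KEY = b"idp-only-secret"
SP_ENCRYPTION_KEY = b"sp-public-encryption-key"  # public by design


def _canonical(claims: dict) -> bytes:
    """Deterministic serialisation, playing the role of canonical XML."""
    return json.dumps(claims, sort_keys=True, separators=(",", ":")).encode()


def _xor_stream(data: bytes, key: bytes) -> bytes:
    """Toy stand-in for XML-Enc. It is its own inverse, so it also decrypts."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def idp_sign(claims: dict) -> bytes:
    """What only the IdP can do: sign the canonical claims with its secret key."""
    return hmac.new(IDP_SIGNING_KEY, _canonical(claims), hashlib.sha256).digest()


@dataclass
class Assertion:
    body: bytes                 # canonical claims, encrypted if `encrypted` is True
    signature: Optional[bytes]  # None models a missing ds:Signature element
    encrypted: bool             # True models an EncryptedAssertion wrapper


def encrypt_for_sp(claims: dict, signature: Optional[bytes]) -> Assertion:
    """Wrap claims for the SP. Anyone can do this: the encryption key is public."""
    return Assertion(_xor_stream(_canonical(claims), SP_ENCRYPTION_KEY), signature, True)


def plain(claims: dict, signature: Optional[bytes]) -> Assertion:
    """An unencrypted assertion."""
    return Assertion(_canonical(claims), signature, False)


def _decrypt(a: Assertion) -> bytes:
    return _xor_stream(a.body, SP_ENCRYPTION_KEY) if a.encrypted else a.body


def _signature_ok(claims_bytes: bytes, signature: Optional[bytes]) -> bool:
    """Verify the IdP signature over the (decrypted) claims."""
    if signature is None:
        return False
    expected = hmac.new(IDP_SIGNING_KEY, claims_bytes, hashlib.sha256).digest()
    return hmac.compare_digest(expected, signature)


def accept_flawed(a: Assertion) -> Optional[dict]:
    """The logic error: decrypting successfully is taken as proof of authenticity,
    so an encrypted assertion never reaches the signature check."""
    claims_bytes = _decrypt(a)
    if a.encrypted:  # encryption mistaken for authentication
        return json.loads(claims_bytes)
    if _signature_ok(claims_bytes, a.signature):
        return json.loads(claims_bytes)
    return None


def accept_fixed(a: Assertion, require_signed: bool = True) -> Optional[dict]:
    """Corrected: the signature must verify whether or not the assertion was
    encrypted. require_signed=False is the weak setting (accept unsigned) and
    should stay False only as a deliberate, temporary choice."""
    claims_bytes = _decrypt(a)
    if _signature_ok(claims_bytes, a.signature):
        return json.loads(claims_bytes)
    if not require_signed:  # weak setting: unsigned assertions accepted
        return json.loads(claims_bytes)
    return None


if __name__ == "__main__":
    genuine = {"subject": "alice", "audience": "sp"}
    legit = encrypt_for_sp(genuine, idp_sign(genuine))
    # Encrypted but unsigned: readable only by the SP, authored by nobody in particular.
    unsigned = encrypt_for_sp({"subject": "admin", "audience": "sp"}, None)
    print("flawed  accepts genuine :", accept_flawed(legit) == genuine)
    print("flawed  accepts unsigned:", accept_flawed(unsigned) is not None)
    print("fixed   accepts genuine :", accept_fixed(legit) == genuine)
    print("fixed   accepts unsigned:", accept_fixed(unsigned) is not None)
```

The hardened validator has one invariant worth stating when reviewing any SAML consumer: the decision to trust an assertion depends only on a signature that verifies against the IdP's key, and decryption is a step that happens before that check, never a substitute for it.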