CVE-2026-32600
Published: 16 March 2026
Summary
CVE-2026-32600 is a high-severity Improper Validation of Integrity Check Value (CWE-354) vulnerability in SimpleSAMLphp xml-security. Its CVSS base score is 8.2 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The vulnerability ranks at the 5.9th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.
The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Directly requires identification, reporting, and patching of flaws like the authentication tag length validation failure in vulnerable xml-security library versions prior to 2.3.1/1.13.9.
Enables automated scanning to identify systems using vulnerable xml-security library versions affected by CVE-2026-32600, facilitating timely remediation.
Mandates use of organization-defined cryptographic mechanisms with proper GCM authentication tag validation, reducing reliance on flawed libraries like xml-security.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability description explicitly describes remote unauthenticated network exploitation against applications using the flawed XML encryption library (T1190), combined with successful brute-force recovery of the GHASH key via insufficient GCM authentication tag validation (T1110.002).
NVD Description
xml-security is a library that implements XML signatures and encryption. Prior to versions 2.3.1 and 1.13.9, XML nodes encrypted with either aes-128-gcm, aes-192-gcm, or aes-256-gcm lack validation of the authentication tag length. An attacker can use this to brute-force an authentication tag, recover the GHASH key, and decrypt the encrypted nodes. It also allows to forge arbitrary ciphertexts without knowing the encryption key. This vulnerability is fixed in 2.3.1 and 1.13.9.
Deeper analysis
CVE-2026-32600 affects the xml-security library, which implements XML signatures and encryption. In versions prior to 2.3.1 and 1.13.9, XML nodes encrypted using AES-128-GCM, AES-192-GCM, or AES-256-GCM are decrypted without validating the authentication tag length, an instance of CWE-354 (Improper Validation of Integrity Check Value). This flaw weakens the integrity protection that GCM is supposed to provide in XML encryption processing.
A remote, unauthenticated attacker with network access can exploit this vulnerability with low complexity and no user interaction, as indicated by its CVSS v3.1 base score of 8.2 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N). Successful exploitation allows brute-forcing the authentication tag to recover the GHASH key, decrypting affected XML nodes and exposing confidential data. Additionally, attackers can forge arbitrary ciphertexts without knowledge of the encryption key, potentially enabling integrity violations.
The xml-security GitHub security advisory (GHSA-r353-4845-pr5p) and related commits detail the fix, recommending an upgrade to version 2.3.1 or 1.13.9, where authentication tag length validation is properly enforced. Practitioners should review dependencies using this library, such as in SimpleSAMLphp integrations, and apply patches immediately to mitigate risks.
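The check described above, sketched as an added example for teams auditing their own AES-GCM decryption wrappers; it is not code from the xml-security project or its fix. The helper name `decryptGcmStrict` is hypothetical, and the 12-byte IV and 16-byte tag sizes are assumed from the AES-GCM parameters in XML Encryption 1.1.

```php
<?php
declare(strict_types=1);

const GCM_IV_LEN  = 12; // 96-bit IV (assumed, per XML Encryption 1.1)
const GCM_TAG_LEN = 16; // 128-bit authentication tag (assumed, per XML Encryption 1.1)

/**
 * Hypothetical helper: decrypt AES-GCM only when IV and tag have the expected length.
 */
function decryptGcmStrict(string $cipher, string $key, string $iv, string $ct, string $tag): string
{
    if (!in_array($cipher, ['aes-128-gcm', 'aes-192-gcm', 'aes-256-gcm'], true)) {
        throw new InvalidArgumentException('Unsupported cipher');
    }
    if (strlen($iv) !== GCM_IV_LEN) {
        throw new InvalidArgumentException('Unexpected IV length');
    }
    // PHP documents that openssl_decrypt() does not check the tag length:
    // the caller has to reject tags shorter than the one produced at encryption.
    if (strlen($tag) !== GCM_TAG_LEN) {
        throw new InvalidArgumentException('Authentication tag must be 16 bytes');
    }
    $plain = openssl_decrypt($ct, $cipher, $key, OPENSSL_RAW_DATA, $iv, $tag);
    if ($plain === false) {
        throw new RuntimeException('Authentication failed');
    }
    return $plain;
}

// Constructed sample data, generated locally for the demonstration.
$key = random_bytes(32);
$iv  = random_bytes(GCM_IV_LEN);
$tag = '';
$ct  = openssl_encrypt('<Secret>constructed sample</Secret>', 'aes-256-gcm',
                       $key, OPENSSL_RAW_DATA, $iv, $tag, '', GCM_TAG_LEN);

// Full-length tag: the strict helper decrypts normally.
echo decryptGcmStrict('aes-256-gcm', $key, $iv, $ct, $tag), PHP_EOL;

// Truncated tag: show what the raw call returns, then the strict helper's rejection.
$short = substr($tag, 0, 4);
var_dump(openssl_decrypt($ct, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $short) !== false);
try {
    decryptGcmStrict('aes-256-gcm', $key, $iv, $ct, $short);
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
```

Upgrading to 2.3.1 or 1.13.9 remains the fix for xml-security itself; a wrapper like this is only relevant to application code that calls `openssl_decrypt()` directly.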
Details
- CWE(s)