Medium severity4.0NVD Advisory· Published Mar 28, 2025· Updated Apr 15, 2026

CVE-2025-31335

Description

The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter manipulation (when using SAML bindings that rely on non-XML signatures).

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.debian.org/debian-security-announce/2025/msg00041.htmlnvd
shibboleth.atlassian.net/browse/CPPOST-126nvd
shibboleth.net/community/advisories/secadv_20250313.txtnvd

News mentions

No linked articles in our index yet.

cvss	0.260
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000