{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-08T09:42:48.851","vulnerabilities":[{"cve":{"id":"CVE-2025-40758","sourceIdentifier":"productcert@siemens.com","published":"2025-08-14T15:15:36.133","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been identified in Mendix SAML (Mendix 10.12 compatible) (All versions < V4.0.3), Mendix SAML (Mendix 10.21 compatible) (All versions < V4.1.2), Mendix SAML (Mendix 9.24 compatible) (All versions < V3.6.21). Affected versions of the module insufficiently enforce signature validation and binding checks. This could allow unauthenticated remote attackers to hijack an account in specific SSO configurations."},{"lang":"es","value":"Se ha identificado una vulnerabilidad en Mendix SAML (compatible con Mendix 10.12) (todas las versiones anteriores a la V4.0.3), Mendix SAML (compatible con Mendix 10.21) (todas las versiones anteriores a la V4.1.2) y Mendix SAML (compatible con Mendix 9.24) (todas las versiones anteriores a la V3.6.21). Las versiones afectadas del módulo no aplican correctamente la validación de firmas ni las comprobaciones de vinculación. Esto podría permitir que atacantes remotos no autenticados secuestren una cuenta en configuraciones de SSO específicas."}],"metrics":{"cvssMetricV31":[{"source":"productcert@siemens.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":5.8}]},"weaknesses":[{"source":"productcert@siemens.com","type":"Secondary","description":[{"lang":"en","value":"CWE-347"}]}],"references":[{"url":"https://cert-portal.siemens.com/productcert/html/ssa-395458.html","source":"productcert@siemens.com"}]}}]}