CVE-2026-32600: CWE-354: Improper Validation of Integrity Check Value in simplesamlphp xml-security
CVE-2026-32600 is a high-severity vulnerability in the simplesamlphp xml-security library versions prior to 2.3.1. The flaw involves improper validation of the authentication tag length in AES-GCM encrypted XML nodes, enabling attackers to brute-force the authentication tag and recover the GHASH key. This allows decryption of encrypted XML nodes and forging of arbitrary ciphertexts without knowledge of the encryption key. The vulnerability impacts confidentiality significantly, while integrity is partially compromised. Exploitation requires no privileges or user interaction and can be performed remotely over the network. The issue is fixed in version 2.3.1 of the xml-security library.
AI Analysis
Technical Summary
The vulnerability identified as CVE-2026-32600 affects the xml-security library used by simplesamlphp, a widely used PHP implementation for SAML authentication. The library implements XML encryption and signatures, including AES-GCM modes (aes-128-gcm, aes-192-gcm, aes-256-gcm). Prior to version 2.3.1, the library fails to properly validate the length of the authentication tag in AES-GCM encrypted XML nodes. AES-GCM encryption relies on a cryptographic authentication tag to ensure data integrity and authenticity. Without proper validation of this tag's length, an attacker can perform a brute-force attack on the authentication tag, enabling recovery of the GHASH key used internally by AES-GCM. With the GHASH key, the attacker can decrypt encrypted XML nodes, exposing sensitive information. Additionally, the attacker can forge arbitrary ciphertexts without possessing the encryption key, undermining the integrity of the encrypted data. This vulnerability is particularly dangerous because it does not require any privileges or user interaction and can be exploited remotely. The CVSS v3.1 score is 8.2 (high), reflecting the ease of exploitation and the significant confidentiality impact. The vulnerability was published on March 13, 2026, and is fixed in xml-security version 2.3.1. No known exploits are currently reported in the wild, but the potential impact warrants immediate remediation.
Potential Impact
The primary impact of CVE-2026-32600 is a severe compromise of confidentiality for systems using vulnerable versions of the xml-security library. Attackers can decrypt sensitive XML data, potentially exposing authentication tokens, personal data, or other confidential information transmitted via SAML assertions or other XML-encrypted payloads. The ability to forge ciphertexts also threatens data integrity, allowing attackers to inject malicious or altered data that may bypass security controls or cause application logic errors. Since simplesamlphp is widely used for federated identity management, this vulnerability could lead to unauthorized access, identity spoofing, or session hijacking in affected environments. The lack of required privileges or user interaction increases the risk of automated exploitation. Organizations relying on this library for authentication or encryption services face risks of data breaches, compliance violations, and reputational damage. The absence of known exploits in the wild suggests a window for proactive mitigation, but the vulnerability's nature makes it a critical concern for identity providers and service providers globally.
Mitigation Recommendations
The most effective mitigation is to upgrade the xml-security library to version 2.3.1 or later, where the authentication tag length validation issue is fixed. Organizations should audit their software dependencies to identify usage of vulnerable versions and prioritize patching. If immediate upgrade is not feasible, consider implementing compensating controls such as additional encryption layers or network segmentation to limit exposure. Monitoring for unusual decryption attempts or malformed XML payloads can help detect exploitation attempts. Security teams should review SAML assertion handling and ensure that any XML processing is done with libraries that properly validate cryptographic parameters. Additionally, applying strict input validation and employing runtime application self-protection (RASP) can reduce the risk of exploitation. Finally, coordinate with vendors and service providers to confirm they have addressed this vulnerability in their products.
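The dependency audit recommended above can be scripted against a project's composer.lock. The following is an added example, not code from the advisory or the xml-security project; the Composer package name simplesamlphp/xml-security is an assumption based on the vendor and product named here, and the sample lock file is constructed.

```python
import json
import re

PACKAGE = "simplesamlphp/xml-security"  # assumed Composer name for the library
FIXED = (2, 3, 1)                        # first fixed release, per the advisory


def classify(version):
    """Return 'vulnerable', 'fixed' or 'unknown' for a composer.lock version string."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)(?:\.\d+)?([-+].*)?", version.strip())
    if not m:
        # Branch aliases such as dev-master carry no comparable number.
        return "unknown"
    release = tuple(int(p) for p in m.group(1, 2, 3))
    if release < FIXED:
        return "vulnerable"
    # A pre-release of the fixed version (2.3.1-rc1) may predate the fix.
    if release == FIXED and (m.group(4) or "").startswith("-"):
        return "unknown"
    return "fixed"


def audit_lock(lock_text):
    """Scan composer.lock JSON text; return [(section, version, verdict), ...]."""
    lock = json.loads(lock_text)
    findings = []
    for section in ("packages", "packages-dev"):
        for pkg in lock.get(section) or []:
            if pkg.get("name", "").lower() == PACKAGE:
                version = pkg.get("version", "")
                findings.append((section, version, classify(version)))
    return findings


# Constructed sample lock file, not taken from a real project.
SAMPLE_LOCK = json.dumps({
    "packages": [
        {"name": "simplesamlphp/xml-security", "version": "v2.3.0"},
        {"name": "psr/log", "version": "3.0.2"},
    ],
    "packages-dev": [],
})

if __name__ == "__main__":
    for section, version, verdict in audit_lock(SAMPLE_LOCK):
        print(f"{PACKAGE} {version} ({section}): {verdict}")
```

An "unknown" verdict (development branches, pre-releases of the fixed version) needs manual review of the installed commit rather than being treated as safe.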
Affected Countries
United States, Germany, United Kingdom, France, Japan, Australia, Canada, Netherlands, Sweden, India, South Korea
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-03-12T14:54:24.269Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 69b473bf2f860ef943aa9457
Added to database: 3/13/2026, 8:29:51 PM
Last enriched: 3/13/2026, 8:44:10 PM
Last updated: 3/13/2026, 10:54:39 PM