CVE-2026-41103: confluence saml sso vulnerability

Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-41103CVSS 9.1Windows

CVE-2026-41103: confluence saml sso vulnerability

Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges over a network.

CVSS
9.1 CRITICAL
EPSS
91.68%
Known exploited
not in KEV
Product
confluence saml sso

What is known

Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges over a network.

Sources