diff --git a/.changeset/fix-deps-security-overrides.md b/.changeset/fix-deps-security-overrides.md
new file mode 100644
index 0000000000..decc8dfdf7
--- /dev/null
+++ b/.changeset/fix-deps-security-overrides.md
@@ -0,0 +1,5 @@
+---
+"@better-auth/sso": patch
+---
+
+pin `samlify` to `~2.10.2` to avoid breaking changes in v2.11.0 and patch transitive `node-forge` vulnerability (4 HIGH CVEs: signature forgery, cert chain bypass, DoS)