diff --git a/config/src/test/java/org/springframework/security/SerializationSamples.java b/config/src/test/java/org/springframework/security/SerializationSamples.java
index 82297189ea..0093b902b8 100644
--- a/config/src/test/java/org/springframework/security/SerializationSamples.java
+++ b/config/src/test/java/org/springframework/security/SerializationSamples.java
@@ -211,6 +211,7 @@ import org.springframework.security.web.webauthn.api.AuthenticationExtensionsCli
 import org.springframework.security.web.webauthn.api.AuthenticationExtensionsClientOutputs;
 import org.springframework.security.web.webauthn.api.AuthenticatorAssertionResponse;
 import org.springframework.security.web.webauthn.api.AuthenticatorAttachment;
+import org.springframework.security.web.webauthn.api.AuthenticatorAttestationResponse;
 import org.springframework.security.web.webauthn.api.AuthenticatorTransport;
 import org.springframework.security.web.webauthn.api.Bytes;
 import org.springframework.security.web.webauthn.api.CredProtectAuthenticationExtensionsClientInput;
@@ -225,6 +226,7 @@ import org.springframework.security.web.webauthn.api.PublicKeyCredentialRequestO
 import org.springframework.security.web.webauthn.api.PublicKeyCredentialType;
 import org.springframework.security.web.webauthn.api.PublicKeyCredentialUserEntity;
 import org.springframework.security.web.webauthn.api.TestAuthenticationAssertionResponses;
+import org.springframework.security.web.webauthn.api.TestAuthenticatorAttestationResponses;
 import org.springframework.security.web.webauthn.api.TestBytes;
 import org.springframework.security.web.webauthn.api.TestPublicKeyCredentialRequestOptions;
 import org.springframework.security.web.webauthn.api.TestPublicKeyCredentialUserEntities;
@@ -654,6 +656,8 @@ final class SerializationSamples {
 		generatorByClassName.put(CredentialPropertiesOutput.class, (o) -> credentialOutput);
 		generatorByClassName.put(ImmutableAuthenticationExtensionsClientOutputs.class, (o) -> outputs);
 		generatorByClassName.put(AuthenticatorAssertionResponse.class, (r) -> response);
+		generatorByClassName.put(AuthenticatorAttestationResponse.class,
+				(r) -> TestAuthenticatorAttestationResponses.createAuthenticatorAttestationResponse().build());
 		generatorByClassName.put(RelyingPartyAuthenticationRequest.class, (r) -> authRequest);
 		generatorByClassName.put(PublicKeyCredential.class, (r) -> credential);
 		generatorByClassName.put(WebAuthnAuthenticationRequestToken.class, (r) -> requestToken);
diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AuthenticatorAttestationResponse.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AuthenticatorAttestationResponse.serialized
new file mode 100644
index 0000000000..5ca34eea22
Binary files /dev/null and b/config/src/test/resources/serialized/6.5.x/org.springframework.security.web.webauthn.api.AuthenticatorAttestationResponse.serialized differ
diff --git a/core/src/main/java/org/springframework/security/authorization/method/ExpressionAttributeAuthorizationDecision.java b/core/src/main/java/org/springframework/security/authorization/method/ExpressionAttributeAuthorizationDecision.java
index 6eff3cc8ae..5cf340520e 100644
--- a/core/src/main/java/org/springframework/security/authorization/method/ExpressionAttributeAuthorizationDecision.java
+++ b/core/src/main/java/org/springframework/security/authorization/method/ExpressionAttributeAuthorizationDecision.java
@@ -28,6 +28,7 @@ import org.springframework.security.authorization.AuthorizationDecision;
  * instead
  */
 @Deprecated
+@SuppressWarnings("serial")
 public class ExpressionAttributeAuthorizationDecision extends AuthorizationDecision {
 
 	private final ExpressionAttribute expressionAttribute;
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectFilter.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectFilter.java
index 0757ae4693..434e4bc3fe 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectFilter.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectFilter.java
@@ -269,6 +269,7 @@ public class OAuth2AuthorizationRequestRedirectFilter extends OncePerRequestFilt
 
 	}
 
+	@SuppressWarnings("serial")
 	private static final class OAuth2AuthorizationRequestException extends AuthenticationException {
 
 		OAuth2AuthorizationRequestException(Throwable cause) {
diff --git a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/DPoPProofJwtDecoderFactory.java b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/DPoPProofJwtDecoderFactory.java
index be89885b7b..de88ba57ae 100644
--- a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/DPoPProofJwtDecoderFactory.java
+++ b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/DPoPProofJwtDecoderFactory.java
@@ -185,6 +185,7 @@ public final class DPoPProofJwtDecoderFactory implements JwtDecoderFactory<DPoPP
 			return Base64.getUrlEncoder().withoutPadding().encodeToString(digest);
 		}
 
+		@SuppressWarnings("serial")
 		private static final class JtiCache extends LinkedHashMap<String, Long> {
 
 			private static final int MAX_SIZE = 1000;
diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationToken.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationToken.java
index 797bc124b0..9f0f39dd43 100644
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationToken.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationToken.java
@@ -16,6 +16,7 @@
 
 package org.springframework.security.saml2.provider.service.authentication;
 
+import java.io.Serial;
 import java.util.Collections;
 
 import org.springframework.security.authentication.AbstractAuthenticationToken;
@@ -33,6 +34,9 @@ import org.springframework.util.Assert;
  */
 public class Saml2AuthenticationToken extends AbstractAuthenticationToken {
 
+	@Serial
+	private static final long serialVersionUID = 5225098478444036532L;
+
 	private final RelyingPartyRegistration relyingPartyRegistration;
 
 	private final String saml2Response;
diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/OpenSamlRelyingPartyRegistration.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/OpenSamlRelyingPartyRegistration.java
index 03e4a54172..448ff5340a 100644
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/OpenSamlRelyingPartyRegistration.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/OpenSamlRelyingPartyRegistration.java
@@ -42,6 +42,7 @@ import org.springframework.security.saml2.core.Saml2X509Credential;
  * </pre>
  */
 @Deprecated
+@SuppressWarnings("serial")
 public final class OpenSamlRelyingPartyRegistration extends RelyingPartyRegistration {
 
 	OpenSamlRelyingPartyRegistration(RelyingPartyRegistration registration) {
diff --git a/web/src/main/java/org/springframework/security/web/access/expression/WebExpressionConfigAttribute.java b/web/src/main/java/org/springframework/security/web/access/expression/WebExpressionConfigAttribute.java
index 9a71c98480..94e54d524f 100644
--- a/web/src/main/java/org/springframework/security/web/access/expression/WebExpressionConfigAttribute.java
+++ b/web/src/main/java/org/springframework/security/web/access/expression/WebExpressionConfigAttribute.java
@@ -32,6 +32,7 @@ import org.springframework.security.web.FilterInvocation;
  * {@link AuthorizationManager}.
  */
 @Deprecated
+@SuppressWarnings("serial")
 class WebExpressionConfigAttribute implements ConfigAttribute, EvaluationContextPostProcessor<FilterInvocation> {
 
 	private final Expression authorizeExpression;
diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticatorAttestationResponse.java b/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticatorAttestationResponse.java
index 75123cb88f..50532f898c 100644
--- a/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticatorAttestationResponse.java
+++ b/web/src/main/java/org/springframework/security/web/webauthn/api/AuthenticatorAttestationResponse.java
@@ -16,6 +16,7 @@
 
 package org.springframework.security.web.webauthn.api;
 
+import java.io.Serial;
 import java.util.Arrays;
 import java.util.List;
 
@@ -34,6 +35,9 @@ import java.util.List;
  */
 public final class AuthenticatorAttestationResponse extends AuthenticatorResponse {
 
+	@Serial
+	private static final long serialVersionUID = -1628559840895428945L;
+
 	private final Bytes attestationObject;
 
 	private final List<AuthenticatorTransport> transports;