CVE-2026-1035

EPSS 0.01%
Veröffentlicht 21.01.2026 05:52:22
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

Org.keycloak.protocol.oidc: keycloak refresh token reuse bypass via toctou race condition

A flaw was found in the Keycloak server during refresh token processing, specifically in the TokenManager class responsible for enforcing refresh token reuse policies. When strict refresh token rotation is enabled, the validation and update of refresh token usage are not performed atomically. This allows concurrent refresh requests to bypass single-use enforcement and issue multiple access tokens from the same refresh token. As a result, Keycloak’s refresh token rotation hardening can be undermined.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

CNA 7 VulnDex Vulnerability Enrichment 2

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerRed Hat

≫

Produkt Red Hat build of Keycloak 26.4

Default Statusaffected

Version 26.4.11-1

Version < *

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat build of Keycloak 26.4

Default Statusaffected

Version 26.4-14

Version < *

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat build of Keycloak 26.4

Default Statusaffected

Version 26.4-14

Version < *

Status unaffected

HerstellerRed Hat

≫

Produkt Red Hat build of Keycloak 26.4.11

Default Statusunaffected

HerstellerRed Hat

≫

Produkt Red Hat JBoss Enterprise Application Platform 8

Default Statusunaffected

HerstellerRed Hat

≫

Produkt Red Hat JBoss Enterprise Application Platform Expansion Pack

Default Statusunaffected

HerstellerRed Hat

≫

Produkt Red Hat Single Sign-On 7

Default Statusunaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.012

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
secalert@redhat.com	3.1	1.6	1.4	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N

CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition

The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the product to perform invalid actions when the resource is in an unexpected state.

https://access.redhat.com/security/cve/CVE-2026-1035

https://bugzilla.redhat.com/show_bug.cgi?id=2430314

https://access.redhat.com/errata/RHSA-2026:6477

https://access.redhat.com/errata/RHSA-2026:6478

https://nvd.nist.gov/vuln/detail/CVE-2026-1035

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-1035

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-1035

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-1035