7.7

CVE-2026-2092

Keycloak-services: keycloak: unauthorized access via improper validation of encrypted saml assertions

Keycloak: Unauthorized access via improper validation of encrypted SAML assertions

A flaw was found in Keycloak. Keycloak's Security Assertion Markup Language (SAML) broker endpoint does not properly validate encrypted assertions when the overall SAML response is not signed. An attacker with a valid signed SAML assertion can exploit this by crafting a malicious SAML response. This allows the attacker to inject an encrypted assertion for an arbitrary principal, leading to unauthorized access and potential information disclosure.
Mögliche Gegenmaßnahme
Keycloak Server: Install latest version
Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
HerstellerRed Hat
Produkt Red Hat build of Keycloak 26.2
Default Statusaffected
HerstellerRed Hat
Produkt Red Hat build of Keycloak 26.4
Default Statusaffected
HerstellerRed Hat
Produkt Red Hat build of Keycloak 26.2.14
Default Statusaffected
HerstellerRed Hat
Produkt Red Hat build of Keycloak 26.4.10
Default Statusaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Weitere Schwachstelleninformationen
SystemKeycloak
Produkt Keycloak Server
Version < 26.2.14
Version >= 26.3.0, < 26.4.10
Version >= 26.5.0, < 26.5.5
Version >= 26.6.0, < 26.6.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.24% 0.152
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
secalert@redhat.com 7.7 1.8 5.3
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L
0b0ca135-0b70-47e7-9f44-1890c2a1c46c 7.7 1.8 5.3
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L
CWE-1287 Improper Validation of Specified Type of Input

The product receives input that is expected to be of a certain type, but it does not validate or incorrectly validates that the input is actually of the expected type.

https://access.redhat.com/errata/RHSA-2026:3947
https://access.redhat.com/errata/RHSA-2026:3948
https://access.redhat.com/errata/RHSA-2026:3925
https://access.redhat.com/errata/RHSA-2026:3926
https://access.redhat.com/security/cve/CVE-2026-2092
https://bugzilla.redhat.com/show_bug.cgi?id=2437296
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2092.json
https://github.com/keycloak/keycloak/security/advisories/GHSA-794g-x443-36f7
Third Party Advisory