8.1

CVE-2026-9800

Keycloak: keycloak policy enforcer: authorization bypass via incorrect uri comparison

Authorization bypass via incorrect uri comparison

A flaw was found in Keycloak Policy Enforcer. This vulnerability allows any authenticated user to bypass all authorization policies, including role, scope, and User-Managed Access (UMA) permission checks. By including the configured access-denied page path within a request URL, either as a path segment or a query parameter, an attacker can gain unauthorized access to protected resources.
Mögliche Gegenmaßnahme
Keycloak Server: Install latest version
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
RedhatBuild Of Keycloak Version >= 26.4 < 26.4.13
RedhatBuild Of Keycloak Version >= 26.6 <= 26.6.4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Weitere Schwachstelleninformationen
SystemKeycloak
Produkt Keycloak Server
Version < 26.0.10
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.3% 0.218
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
secalert@redhat.com 8.1 2.8 5.2
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
0b0ca135-0b70-47e7-9f44-1890c2a1c46c 8.1 2.8 5.2
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
CWE-1025 Comparison Using Wrong Factors

The code performs a comparison between two entities, but the comparison examines the wrong factors or characteristics of the entities, which can lead to incorrect results and resultant weaknesses.

https://access.redhat.com/security/cve/CVE-2026-9800
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2482472
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:30083
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:30084
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:30049
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:30050
Vendor Advisory
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-9800.json
Vendor Advisory
https://github.com/keycloak/keycloak/security/advisories/GHSA-f5p5-6xmx-p252
Third Party Advisory