๐Ÿ” CVE Alert

CVE-2026-2092

HIGH 7.7

Keycloak-services: keycloak: unauthorized access via improper validation of encrypted saml assertions

CVSS Score
7.7
EPSS Score
0.0%
EPSS Percentile
0th

A flaw was found in Keycloak. Keycloak's Security Assertion Markup Language (SAML) broker endpoint does not properly validate encrypted assertions when the overall SAML response is not signed. An attacker with a valid signed SAML assertion can exploit this by crafting a malicious SAML response. This allows the attacker to inject an encrypted assertion for an arbitrary principal, leading to unauthorized access and potential information disclosure.

CWE CWE-1287
Vendor red hat
Product red hat build of keycloak 26.2
Published Mar 18, 2026
Last Updated Mar 18, 2026
Stay Ahead of the Next One

Get instant alerts for red hat red hat build of keycloak 26.2

Be the first to know when new high vulnerabilities affecting red hat red hat build of keycloak 26.2 are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
Low
Availability
Low

Affected Versions

Red Hat / Red Hat build of Keycloak 26.2
All versions affected
Red Hat / Red Hat build of Keycloak 26.2
All versions affected
Red Hat / Red Hat build of Keycloak 26.2
All versions affected
Red Hat / Red Hat build of Keycloak 26.2.14
All versions affected
Red Hat / Red Hat build of Keycloak 26.4
All versions affected
Red Hat / Red Hat build of Keycloak 26.4
All versions affected
Red Hat / Red Hat build of Keycloak 26.4
All versions affected
Red Hat / Red Hat build of Keycloak 26.4.10
All versions affected

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:3925 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:3926 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:3947 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:3948 access.redhat.com: https://access.redhat.com/security/cve/CVE-2026-2092 bugzilla.redhat.com: https://bugzilla.redhat.com/show_bug.cgi?id=2437296

Credits

Red Hat would like to thank Oleh Konko for reporting this issue.