PT-2026-25968 · Red Hat · Red Hat Build Of Keycloak 26.2+3
Published 2026-03-18 · Updated 2026-03-18
CVE-2026-2603
CVSS v3.1: 8.1
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
A flaw was found in Keycloak. A remote attacker could bypass security controls by sending a valid SAML response from an external Identity Provider (IdP) to the Keycloak SAML endpoint for IdP-initiated broker logins. This allows the attacker to complete broker logins even when the SAML Identity Provider is disabled, leading to unauthorized authentication.
Fix
Weakness Enumeration
Missing Authentication
Related Identifiers
Affected Products
Red Hat Build Of Keycloak 26.2
Red Hat Build Of Keycloak 26.2.14
Red Hat Build Of Keycloak 26.4
Red Hat Build Of Keycloak 26.4.10