
Keycloak: Unauthorized Access via Malicious SAML Response

CVE-2026-2092
Summary

Keycloak's SAML broker has a flaw that lets an attacker who already holds a valid signed SAML assertion craft a malicious SAML response and gain unauthorized access to your system, potentially disclosing sensitive information. Update your Keycloak instance to fix this issue.

Original description
A flaw was found in Keycloak. Keycloak's Security Assertion Markup Language (SAML) broker endpoint does not properly validate encrypted assertions when the overall SAML response is not signed. An attacker with a valid signed SAML assertion can exploit this by crafting a malicious SAML response. This allows the attacker to inject an encrypted assertion for an arbitrary principal, leading to unauthorized access and potential information disclosure.
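The hardened rule a SAML broker needs for the case described above, written here as an added example (not Keycloak's code): an unsigned Response lends no trust to its assertions, so each Assertion, including the plaintext recovered from an EncryptedAssertion, must carry its own verified signature before its NameID is accepted. XML-DSig verification and XML-Encryption are simulated with constructed markers, and all helper names are assumptions.

```python
import base64
import xml.etree.ElementTree as ET
SAMLP = "{urn:oasis:names:tc:SAML:2.0:protocol}"
SAML = "{urn:oasis:names:tc:SAML:2.0:assertion}"
DS = "{http://www.w3.org/2000/09/xmldsig#}"
XENC = "{http://www.w3.org/2001/04/xmlenc#}"

def verify(elem):
    # Stand-in for XML-DSig: only the constructed marker "TRUSTED" passes.
    sig = elem.find(f"{DS}Signature/{DS}SignatureValue")
    return sig is not None and sig.text == "TRUSTED"
def decrypt(enc_assertion):
    # Stand-in for XML-Encryption: CipherValue holds base64 of the plaintext.
    c = enc_assertion.find(f"{XENC}EncryptedData/{XENC}CipherData/{XENC}CipherValue")
    return ET.fromstring(base64.b64decode(c.text))
def validated_principals(response_xml):
    # Return the NameIDs this Response may assert; raise ValueError otherwise.
    root = ET.fromstring(response_xml)
    response_signed = verify(root)
    principals = []
    for child in root:
        if child.tag == f"{SAML}Assertion":
            assertion = child
        elif child.tag == f"{SAML}EncryptedAssertion":
            assertion = decrypt(child)  # judge the plaintext, not the wrapper
        else:
            continue
        # Unsigned Response lends no trust: each assertion needs its own verified signature.
        if not response_signed and not verify(assertion):
            raise ValueError("assertion not covered by a verified signature")
        name_id = assertion.find(f"{SAML}Subject/{SAML}NameID")
        if name_id is None or not name_id.text:
            raise ValueError("assertion without NameID")
        principals.append(name_id.text)
    if not principals:
        raise ValueError("Response carries no assertion")
    return principals

# Constructed test input; signature values are markers, not real XML-DSig.
NS = ('xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" '
      'xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"')
def sig_xml(value):
    return f"<ds:Signature><ds:SignatureValue>{value}</ds:SignatureValue></ds:Signature>" if value else ""
def sample_assertion(name_id, sig=None, encrypted=False):
    xml = f"<saml:Assertion {NS}>{sig_xml(sig)}<saml:Subject><saml:NameID>{name_id}</saml:NameID></saml:Subject></saml:Assertion>"
    if not encrypted:
        return xml
    blob = base64.b64encode(xml.encode()).decode()
    return f"<saml:EncryptedAssertion {NS}><xenc:EncryptedData><xenc:CipherData><xenc:CipherValue>{blob}</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData></saml:EncryptedAssertion>"
def sample_response(sig, *assertions):
    return f"<samlp:Response {NS}>{sig_xml(sig)}{''.join(assertions)}</samlp:Response>"
```

The rejected case in the test mirrors the description: a Response that is not signed, carrying the attacker's legitimately signed assertion next to an encrypted, unsigned assertion for a different principal.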
NVD CVSS 3.1: 7.7
Vulnerability type
CWE-1287 (Improper Validation of Specified Type of Input)
Published: 18 Mar 2026 · Updated: 18 Mar 2026 · First seen: 18 Mar 2026