CVE-2026-2603 - Vulnerability Analysis
HighCVSS: 8.1Last Updated: March 18, 2026
Keycloak - Authentication Bypass
Overview
Keycloak contains an authentication bypass caused by acceptance of valid SAML responses from external IdPs at the SAML endpoint for IdP-initiated broker logins, letting remote attackers authenticate without authorization, exploit requires sending a valid SAML response.
Severity & Score
Impact
Remote attackers can bypass security controls to authenticate without authorization, leading to unauthorized access.
Mitigation
Update to the latest version of Keycloak.
References
Social Media Activity(2 posts)
š CVE-2026-2603 - High (8.1) A flaw was found in Keycloak. A remote attacker could bypass security controls by sending a valid SAML response from an external Identity Provider (IdP) to the Keycloak SAML endpoint for IdP-initiated broker logins. This allows the attacker to com... š https://www.thehackerwire.com/vulnerability/CVE-2026-2603/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original post
š CVE-2026-2603 - High (8.1) A flaw was found in Keycloak. A remote attacker could bypass security controls by sending a valid SAML response from an external Identity Provider (IdP) to the Keycloak SAML endpoint for IdP-initiated broker logins. This allows the attacker to com... š https://www.thehackerwire.com/vulnerability/CVE-2026-2603/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postGitHub Repositories(2 repos)
Related Resources
Details
- CVE ID
- CVE-2026-2603
- Severity
- High
- CVSS Score
- 8.1
- Type
- broken_authentication
- Status
- new
- EPSS
- 0.0%
- Social Posts
- 2
CWE
- CWE-306
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N