Lucene search
+L

EUVD-2026-39567

🗓️ 26 Jun 2026 00:32:05Reported by EUVDType 
euvd
 euvd
🔗 euvd.enisa.europa.eu👁 6 Views

Keycloak flaw lets forging an assertion bypass signature checks in the JSON Web Token flow, enabling impersonation.

Related
Affected
Refs
ReporterTitlePublishedViews
Family
attackerkb
CVE-2026-11800
25 Jun 202620:57
attackerkb
circl
CVE-2026-11800
25 Jun 202622:17
circl
cve
CVE-2026-11800
25 Jun 202620:57
cve
cvelist
CVE-2026-11800 Org.keycloak:keycloak-services: keycloak: authentication bypass via jwt algorithm confusion
25 Jun 202620:57
cvelist
nessus
Keycloak < 26.6.4 Multiple Vulnerabilities
3 Jul 202600:00
nessus
nvd
CVE-2026-11800
25 Jun 202622:17
nvd
ptsecurity
PT-2026-52592
25 Jun 202600:00
ptsecurity
redhatcve
CVE-2026-11800
25 Jun 202620:57
redhatcve
redhat
Important: Red Hat Security Advisory: Red Hat build of Keycloak 26.6.4 Security Update
25 Jun 202618:47
redhat
redhat
org.keycloak:keycloak-services: Keycloak: Authentication bypass via JWT algorithm confusion
25 Jun 202618:47
redhat
Rows per page
[
  {
    "enisaIdVendor": [
      {
        "id": "7dc2b48f-86ed-372f-b266-e7982c95cee4",
        "vendor": {
          "name": "Red Hat"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "0e2fbfad-f47d-3c09-8825-575ae18c698c",
        "product": {
          "name": "Red Hat build of Keycloak 26.6",
          "vendor": {
            "name": "Red Hat"
          }
        },
        "product_version": "patch: 26.6-8"
      },
      {
        "id": "e184f73c-6ff2-3c28-a5c1-3cdd7e73c2a7",
        "product": {
          "name": "Red Hat build of Keycloak 26.6",
          "vendor": {
            "name": "Red Hat"
          }
        },
        "product_version": "patch: 26.6.4-2"
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

26 Jun 2026 00:32Current
5.8Medium risk
Vulners AI Score5.8
CVSS 3.18.1
EPSS0.00181
6