4 matches found
EUVD-2026-9864
A flaw was found in org.keycloak.broker.saml. When a disabled Security Assertion Markup Language SAML client is configured as an Identity Provider IdP-initiated broker landing target, it can still complete the login process and establish a Single Sign-On SSO session. This allows a remote attacker...
CVE-2026-3047 Org.keycloak.broker.saml: keycloak saml broker: authentication bypass due to disabled saml client completing idp-initiated login
A flaw was found in org.keycloak.broker.saml. When a disabled Security Assertion Markup Language SAML client is configured as an Identity Provider IdP-initiated broker landing target, it can still complete the login process and establish a Single Sign-On SSO session. This allows a remote attacker...
CVE-2026-3047
A flaw was found in org.keycloak.broker.saml. When a disabled Security Assertion Markup Language SAML client is configured as an Identity Provider IdP-initiated broker landing target, it can still complete the login process and establish a Single Sign-On SSO session. This allows a remote attacker...
PT-2026-23494
Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description A security issue exists in org.keycloak.broker.saml. Specifically, a disabled Security Assertion Markup Language SAML client configured as an Identity Provider IdP-initiated broker landing...