=====================================================================
CERT-Renater Information Note No. 2026/VULN571
_____________________________________________________________________

DATE : 01/06/2026

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running keycloak-services (Maven) versions
prior to 26.2.14, 26.4.10, 26.5.5, 26.6.0.
=====================================================================

https://github.com/keycloak/keycloak/security/advisories/GHSA-794g-x443-36f7
_____________________________________________________________________

Keycloak: Unauthorized access via improper validation of encrypted SAML assertions

Severity: High
Published by abstractj as GHSA-794g-x443-36f7, May 29, 2026

Package:           org.keycloak:keycloak-services (Maven)
Affected versions: < 26.2.14
                   >= 26.3.0, < 26.4.10
                   >= 26.5.0, < 26.5.5
Patched versions:  26.2.14, 26.4.10, 26.5.5, 26.6.0

Description

Keycloak's SAML broker endpoint does not properly validate encrypted
assertions when the overall SAML response is not signed. An attacker who
holds a valid signed SAML assertion can exploit this by crafting a
malicious SAML response and injecting an encrypted assertion for an
arbitrary principal, leading to unauthorized access and potential
information disclosure.

Severity: High, 7.7 / 10

CVSS v3 base metrics
  Attack vector:       Network
  Attack complexity:   High
  Privileges required: Low
  User interaction:    None
  Scope:               Changed
  Confidentiality:     High
  Integrity:           Low
  Availability:        Low
  Vector string:       CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L

CVE ID:     CVE-2026-2092
Weaknesses: CWE-1287
Credits:    @1seal (1seal), Reporter

=========================================================
+ CERT-RENATER        | tel : 01-53-94-20-44           +
+ 23/25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris         | email : cert@support.renater.fr +
=========================================================
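The affected and patched version ranges above are what a dependency inventory check has to encode to tell exposed deployments from fixed ones. The Python script below is an added example and is not part of the CERT-Renater note or of the Keycloak project. It encodes the ranges exactly as the advisory lists them, compares version strings numerically (so that 26.4.3 sorts below 26.4.10), reports the smallest patched version above an affected one, and scans `mvn dependency:tree`-style output for the `org.keycloak:keycloak-services` artifact. The function names and the sample dependency lines are constructed for this example.

```python
import re
from typing import List, Optional, Tuple

Version = Tuple[int, ...]

# Affected ranges from GHSA-794g-x443-36f7 / CVE-2026-2092 for
# org.keycloak:keycloak-services. Each entry is
# (lower bound inclusive, or None for "any earlier version", upper bound exclusive).
AFFECTED_RANGES = [
    (None, "26.2.14"),
    ("26.3.0", "26.4.10"),
    ("26.5.0", "26.5.5"),
]

# Versions the advisory lists as patched.
PATCHED_VERSIONS = ["26.2.14", "26.4.10", "26.5.5", "26.6.0"]


def parse_version(text: str) -> Version:
    """Turn '26.4.3' (optionally followed by a qualifier) into a comparable int tuple.

    A numeric tuple is required: plain string comparison would rank '26.4.3'
    above '26.4.10' and miss an affected build.
    """
    m = re.match(r"(\d+(?:\.\d+)*)", text.strip())
    if not m:
        raise ValueError(f"not a version string: {text!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def is_affected(version: str) -> bool:
    """True if the version falls inside any affected range of the advisory."""
    v = parse_version(version)
    for lower, upper in AFFECTED_RANGES:
        above_lower = lower is None or v >= parse_version(lower)
        if above_lower and v < parse_version(upper):
            return True
    return False


def recommended_fix(version: str) -> Optional[str]:
    """Smallest patched version above the given one, or None when not affected."""
    if not is_affected(version):
        return None
    v = parse_version(version)
    candidates = [p for p in PATCHED_VERSIONS if parse_version(p) > v]
    return min(candidates, key=parse_version)


# Matches 'org.keycloak:keycloak-services:<type>[:<classifier>]:<version>[:<scope>]'
# as printed by `mvn dependency:tree`; the version is the first colon-separated
# field that starts with a digit.
_DEP_LINE = re.compile(
    r"org\.keycloak:keycloak-services:(?:[A-Za-z][\w-]*:)*(\d[\w.-]*)"
)


def scan_dependency_tree(lines: List[str]) -> List[Tuple[str, bool, Optional[str]]]:
    """Return (version, affected, recommended_fix) for every keycloak-services entry."""
    findings = []
    for line in lines:
        m = _DEP_LINE.search(line)
        if m:
            version = m.group(1)
            findings.append((version, is_affected(version), recommended_fix(version)))
    return findings


# Constructed sample of `mvn dependency:tree` output (not real project data).
SAMPLE_TREE = [
    "[INFO] +- org.keycloak:keycloak-services:jar:26.4.3:compile",
    "[INFO] +- org.keycloak:keycloak-core:jar:26.4.3:compile",
    "[INFO] \\- org.keycloak:keycloak-services:jar:26.6.0:compile",
]

if __name__ == "__main__":
    for version, affected, fix in scan_dependency_tree(SAMPLE_TREE):
        status = f"AFFECTED, upgrade to {fix}" if affected else "not affected"
        print(f"keycloak-services {version}: {status}")
```

Note that a version on the 26.3.x line has no patched release of its own in the advisory, so the script points it to 26.4.10, the next patched version above it; the same rule sends anything below 26.2.14 to 26.2.14.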