CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-3047

A flaw was found in org.keycloak.broker.saml. When a disabled Security Assertion Markup Language (SAML) client is configured as an Identity Provider (IdP)-initiated broker landing target, it can still complete the login process and establish a Single Sign-On (SSO) session. This allows a remote attacker to gain unauthorized access to other enabled clients without re-authentication, effectively bypassing security restrictions.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 62.1%

CVSS Severity

CVSS v3 Score 8.8

References

Products affected by CVE-2026-3047

Redhat » Build Of Keycloak » Version: N/A

cpe:2.3:a:redhat:build_of_keycloak:-
Redhat » Build Of Keycloak » Version: 26.2

cpe:2.3:a:redhat:build_of_keycloak:26.2
Redhat » Build Of Keycloak » Version: 26.2.14

cpe:2.3:a:redhat:build_of_keycloak:26.2.14
Redhat » Build Of Keycloak » Version: 26.4

cpe:2.3:a:redhat:build_of_keycloak:26.4
Redhat » Build Of Keycloak » Version: 26.4.10

cpe:2.3:a:redhat:build_of_keycloak:26.4.10
Redhat » Keycloak » Version: N/A

cpe:2.3:a:redhat:keycloak:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-3047

Products

Pricing

Contact Us