New: Corgea AI Pentesting — autonomous penetration testing in hours, not weeks
HIGH 7.7 Maven

Duplicate Advisory: Keycloak: Unauthorized access via improper validation of encrypted SAML assertions

GHSA-wmxr-6j5f-838p · CVE-2026-2092

Published · Modified

Description

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-794g-x443-36f7. This link is maintained to preserve external references.

Original Description

A flaw was found in Keycloak. Keycloak's Security Assertion Markup Language (SAML) broker endpoint does not properly validate encrypted assertions when the overall SAML response is not signed. An attacker with a valid signed SAML assertion can exploit this by crafting a malicious SAML response. This allows the attacker to inject an encrypted assertion for an arbitrary principal, leading to unauthorized access and potential information disclosure.

Ready to move

Start Securing

Free, no credit card | First findings in minutes