HIGHCVE-2026-7307Published Modified CNA redhat
CVE-2026-7307: Keycloak: keycloak: denial of service via specially crafted saml input
A flaw was found in Keycloak. A remote, unauthenticated attacker can send a specially crafted XML input to the Security Assertion Markup Language (SAML) endpoint. This malicious input can cause high CPU usage and worker thread starvation, leading to a Denial of Service (DoS) where the server becomes unavailable.
Metrics
- CVSS v3.1
- 7.5
- Severity
- HIGH
- Fixed in
- 26.2.16-1
- Affected Products
- 8
Fix available
26.2.16-126.2-2126.4.12-126.4-17
Affected packages
- Red Hat / Red Hat build of Keycloak 26.2Fixed in 26.2.16-1
- Red Hat / Red Hat build of Keycloak 26.2Fixed in 26.2-21
- Red Hat / Red Hat build of Keycloak 26.2Fixed in 26.2-21
- Red Hat / Red Hat build of Keycloak 26.2.16
- Red Hat / Red Hat build of Keycloak 26.4Fixed in 26.4.12-1
- Red Hat / Red Hat build of Keycloak 26.4Fixed in 26.4-17
- Red Hat / Red Hat build of Keycloak 26.4Fixed in 26.4-17
- Red Hat / Red Hat build of Keycloak 26.4.12
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H