CVE-2026-3009 | Keycloak IdentityBrokerService improper authentication

Inserito da Angelo Barbosa | Mar 5, 2026 | CVE

A vulnerability classified as critical was found in Keycloak. Affected is an unknown function of the component IdentityBrokerService. Executing a manipulation can lead to improper authentication.

This vulnerability is handled as CVE-2026-3009. The attack can only be done within the local network. There is not any exploit available.

CVE-2026-3009 | Keycloak IdentityBrokerService improper authentication

Post correlati

CVE-2025-8743 | Scada-LTS up to 2.7.8.1 Virtual Data Source Property /data_source_edit.shtm Name cross site scripting

CVE-2025-22725 | loopus WP Virtual Assistant Plugin up to 3.0 on WordPress cross site scripting

CVE-2024-8737 | PDF Thumbnail Generator Plugin up to 1.3 on WordPress cross site scripting

CVE-2024-8150 | ContiNew Admin 3.2.0 user sort sql injection