CVE-2026-9689

ADVISORY - github

Summary

A flaw was found in Keycloak, an open-source identity and access management solution. When a client application is configured to accept broad redirect Uniform Resource Identifiers (URIs), a remote attacker can manipulate the authentication process by crafting a special web address. If a user clicks this link, the client application might incorrectly prioritize attacker-controlled information over legitimate data. This vulnerability, known as HTTP parameter pollution, could allow an attacker to bypass security measures or gain unauthorized access to resources.

EPSS Score: 0.00213 (0.116)

Common Weakness Enumeration (CWE)

ADVISORY - nist

Improper Validation of Consistency within Input

ADVISORY - github

Improper Validation of Consistency within Input

ADVISORY - redhat

Improper Validation of Consistency within Input


Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.

Sign in