
Description

A flaw was found in Keycloak. An attacker who controls another path on the same web server can bypass the path restriction of a registered redirect Uniform Resource Identifier (URI) that uses a wildcard, so that an authorization response is sent to an attacker-controlled location on the permitted host. A successful attack may lead to the theft of an access token, resulting in information disclosure.
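The page does not describe the exact bypass, only that a wildcard in a registered redirect URI lets an attacker who controls a sibling path on the same host receive the redirect. The following is an added example, not Keycloak's code: it models trailing-wildcard redirect-URI matching as a plain prefix rule (an assumption, simplified from the behaviour the description implies), shows how a same-host path the attacker controls passes that rule while an exact registration rejects it, and audits a constructed Keycloak-style realm export for clients whose redirect URIs are wildcards. The host, paths, client IDs and export data are invented for illustration.

```python
"""Model of wildcard redirect-URI matching plus an audit over a realm export.

Added example for illustration; not Keycloak's implementation. The matching
rule, host names, client IDs and the realm export below are assumptions.
"""
import json
from urllib.parse import urlsplit

# Constructed sample realm export (not a real export): the JSON shape follows
# a Keycloak realm export, with "clients" carrying "clientId"/"redirectUris".
SAMPLE_REALM_EXPORT = json.dumps({
    "realm": "demo",
    "clients": [
        {"clientId": "spa-wildcard",
         "redirectUris": ["https://app.example.com/*"]},
        {"clientId": "spa-exact",
         "redirectUris": ["https://app.example.com/spa/callback"]},
        {"clientId": "spa-path-wildcard",
         "redirectUris": ["https://app.example.com/spa/*"]},
    ],
})


def matches_registered(redirect_uri: str, registered: str) -> bool:
    """Simplified trailing-'*' rule (assumption, not Keycloak's matcher):
    a pattern ending in '*' accepts any URI that starts with the text before
    the '*'; any other pattern must equal the redirect URI exactly."""
    if registered.endswith("*"):
        return redirect_uri.startswith(registered[:-1])
    return redirect_uri == registered


def is_allowed(redirect_uri: str, registered_uris) -> bool:
    """True if any registered pattern accepts the requested redirect_uri."""
    return any(matches_registered(redirect_uri, r) for r in registered_uris)


def same_host_attacker_uri(registered: str, attacker_path: str) -> str:
    """URI an attacker who controls attacker_path on the registered URI's
    host would supply as redirect_uri in the authorization request."""
    parts = urlsplit(registered)
    return f"{parts.scheme}://{parts.netloc}{attacker_path}"


def audit_wildcard_redirects(realm_export_json: str):
    """Return (clientId, redirectUri, scope) for every wildcard registration.

    scope is 'host-wide' when the pattern covers every path on the host
    ('https://host/*' or 'https://host*'), else 'path-prefix'. Either kind
    deserves review: a host shared with other applications gives an attacker
    who controls one of them a valid redirect target.
    """
    findings = []
    for client in json.loads(realm_export_json).get("clients", []):
        for uri in client.get("redirectUris", []):
            if not uri.endswith("*"):
                continue
            path = urlsplit(uri[:-1]).path
            scope = "host-wide" if path in ("", "/") else "path-prefix"
            findings.append((client["clientId"], uri, scope))
    return findings


if __name__ == "__main__":
    evil = same_host_attacker_uri("https://app.example.com/*", "/evil/cb")
    print("wildcard accepts attacker path:",
          is_allowed(evil, ["https://app.example.com/*"]))
    print("exact registration accepts it:",
          is_allowed(evil, ["https://app.example.com/spa/callback"]))
    for client_id, uri, scope in audit_wildcard_redirects(SAMPLE_REALM_EXPORT):
        print(f"review {client_id}: {uri} ({scope})")
```

Run the audit against a realm export taken from the admin console or `kc.sh export`, and replace flagged wildcard entries with exact callback URIs where the application allows it; the matcher above is only a model of why the wildcard is risky, not a substitute for applying the fixed packages in the errata below.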

PUBLISHED | Reserved 2026-03-10 | Published 2026-04-02 | Updated 2026-04-07 | Assigner: redhat

HIGH: 7.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N)

Problem types

URL Redirection to Untrusted Site ('Open Redirect')

Product status

Default status: affected; 26.2.15-1 (rpm) and later: unaffected
Default status: affected; 26.2-18 (rpm) and later: unaffected
Default status: affected; 26.2-18 (rpm) and later: unaffected
Default status: unaffected
Default status: affected; 26.4.11-1 (rpm) and later: unaffected
Default status: affected; 26.4-14 (rpm) and later: unaffected
Default status: affected; 26.4-14 (rpm) and later: unaffected
Default status: unaffected

Timeline

2026-03-10: Reported to Red Hat.
2026-04-02: Made public.

Credits

Red Hat would like to thank Meeranh for reporting this issue.

References

access.redhat.com/errata/RHSA-2026:6475 (RHSA-2026:6475) vendor-advisory

access.redhat.com/errata/RHSA-2026:6476 (RHSA-2026:6476) vendor-advisory

access.redhat.com/errata/RHSA-2026:6477 (RHSA-2026:6477) vendor-advisory

access.redhat.com/errata/RHSA-2026:6478 (RHSA-2026:6478) vendor-advisory

access.redhat.com/security/cve/CVE-2026-3872 vdb-entry

bugzilla.redhat.com/show_bug.cgi?id=2445988 (RHBZ#2445988) issue-tracking

cve.org (CVE-2026-3872)

nvd.nist.gov (CVE-2026-3872)
