CVE-2026-4366

MEDIUM

Keycloak-services: blind server-side request forgery (ssrf) via http redirect handling in keycloak

Title source: cna

Description

A flaw was identified in Keycloak, an identity and access management solution, where it improperly follows HTTP redirects when processing certain client configuration requests. This behavior allows an attacker to trick the server into making unintended requests to internal or restricted resources. As a result, sensitive internal services such as cloud metadata endpoints could be accessed. This issue may lead to information disclosure and enable attackers to map internal network infrastructure.

References (2)

Core 2

Core References

Vdb Entry, X_Refsource_Redhat vdb-entry x_refsource_redhat

https://access.redhat.com/security/cve/CVE-2026-4366

Issue Tracking, X_Refsource_Redhat issue-tracking x_refsource_redhat

RHBZ#2448543

https://bugzilla.redhat.com/show_bug.cgi?id=2448543

Scores

CVSS v3 5.8

EPSS 0.0003

EPSS Percentile 10.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-918

Status published

Products (8)

Red Hat/Red Hat Build of Keycloak

Red Hat/Red Hat JBoss Enterprise Application Platform 8

Red Hat/Red Hat JBoss Enterprise Application Platform Expansion Pack

Red Hat/Red Hat Single Sign-On 7

redhat/build_of_keycloak

redhat/jboss_enterprise_application_platform 8.0.0

redhat/jboss_enterprise_application_platform_expansion_pack

redhat/single_sign-on 7.0

Published Mar 18, 2026

Tracked Since Mar 18, 2026