QSearchQSearch

CVE-2026-37982

6.8 MEDIUM

A flaw was found in Keycloak

Published: 2026-05-19 · Last updated: 2026-06-03

Severity and scoring

CVSS
6.8 MEDIUM
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
CWE
CWE-294

Affected products

VendorProduct
redhatbuild_of_keycloak

Description

A flaw was found in Keycloak. This authentication vulnerability allows a remote attacker to replay `ExecuteActionsActionToken` tokens within Keycloak's WebAuthn (Web Authentication) flow. By intercepting an execute-actions email link, an attacker can register their own authenticator to a victim's account. This leads to unauthorized enrollment of a hardware-backed credential, enabling persistent account takeover.

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2026-50259 A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland (7.8 HIGH)
  • CVE-2026-50258 A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland (7.8 HIGH)
  • CVE-2026-50257 A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence() (7.8 HIGH)
  • CVE-2026-50256 A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland (7.8 HIGH)
  • CVE-2026-1784 The Route OpenShift resource allows to define routes to make pods reachable at a subdomain through HAProxy (8.8 HIGH)

Same CWE

  • CVE-2026-49322 Weak authentication in the Wireless Control Module (WCM) of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-... (4.3 MEDIUM)
  • CVE-2026-9095 Casdoor versions 2.362.0 and earlier map SAML assertions to user sessions without replay protection (8.1 HIGH)
  • CVE-2026-46538 Microsoft UFO open-source framework for intelligent automation across devices and platforms (5.9 MEDIUM)
  • CVE-2026-9398 A security vulnerability has been detected in Besen BS20 EV Charging Station up to 20260426 (3.1 LOW)
  • CVE-2026-42602 azureauthextension is the Azure Authenticator Extension (8.1 HIGH)