CVE-2026-4366

5.8 MEDIUM

A flaw was identified in Keycloak, an identity and access management solution, where it improperly follows HTTP redirects when processing...

Published: 2026-03-18 · Last updated: 2026-06-09

Severity and scoring

CVSS: 5.8 MEDIUM
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
CWE: CWE-918

Affected products

Vendor	Product
redhat	build_of_keycloak, jboss_enterprise_application_platform, jboss_enterprise_application_platform_expansion_pack

Description

A flaw was identified in Keycloak, an identity and access management solution, where it improperly follows HTTP redirects when processing certain client configuration requests. This behavior allows an attacker to trick the server into making unintended requests to internal or restricted resources. As a result, sensitive internal services such as cloud metadata endpoints could be accessed. This issue may lead to information disclosure and enable attackers to map internal network infrastructure.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-4366
[Other]https://access.redhat.com/errata/RHSA-2026:19596
[Other]https://access.redhat.com/errata/RHSA-2026:19597
[Vendor advisory]https://access.redhat.com/security/cve/CVE-2026-4366
[Vendor advisory]https://bugzilla.redhat.com/show_bug.cgi?id=2448543

Related CVEs

Same vendor

CVE-2026-1767 — A flaw was found in the GNOME localsearch (previously known as tracker-miners) MP3 Extractor `tracker-extract-mp3` component (5.6 MEDIUM)
CVE-2026-1766 — A flaw was found in GNOME localsearch (previously known as tracker-miners) MP3 Extractor, specifically within the tracker-extract-mp3 com... (5.6 MEDIUM)
CVE-2026-11793 — A stack buffer overflow flaw was found in 389 Directory Server (4.9 MEDIUM)
CVE-2026-11790 — A flaw was found in 389 Directory Server (4.9 MEDIUM)
CVE-2026-11789 — A flaw was found in 389 Directory Server (4.9 MEDIUM)

Same CWE

CVE-2026-53859 — OpenClaw before 2026.5.26 contains a hostname validation vulnerability allowing attackers to bypass blocklist comparisons using trailing-... (6.5 MEDIUM)
CVE-2026-47684 — Sync-in Server is a secure, open-source platform for file storage, sharing, collaboration, and syncing (7.7 HIGH)
CVE-2025-60175 — Administrator Server Side Request Forgery (SSRF) in PopAd <= 1.0.4 versions (4.4 MEDIUM)
CVE-2026-50888 — An authenticated Server-Side Request Forgery (SSRF) in the custom scraper subsystem component of Benjamin Jonard Koillection v1.8.0 allow... (8.1 HIGH)
CVE-2026-50887 — A Server-Side Request Forgery (SSRF) in the automatic short URL title resolution component of shlink v5.0.1 allows attackers to scan inte... (9.1 CRITICAL)