CVE-2026-2092
A flaw was found in Keycloak. Keycloak's Security Assertion Markup Language (SAML) broker endpoint does not properly validate encrypted asse
CVSS
7.7
Alto
EPSS
0.2%
p15
KEV
—
Exploit Today
5
0-100
Publicado: 18 mar 2026 · Última mod.: 15 jul 2026 · CWE-1287
0.2%EPSS · 30 días0.2%
2026-06-302026-07-18
A flaw was found in Keycloak. Keycloak's Security Assertion Markup Language (SAML) broker endpoint does not properly validate encrypted assertions when the overall SAML response is not signed. An attacker with a valid signed SAML assertion can exploit this by crafting a malicious SAML response. This allows the attacker to inject an encrypted assertion for an arbitrary principal, leading to unauthorized access and potential information disclosure.
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:3925
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:3926
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:3947
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:3948
- access.redhat.comhttps://access.redhat.com/security/cve/CVE-2026-2092
- bugzilla.redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=2437296
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:3925
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:3926
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:3947
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:3948
- access.redhat.comhttps://access.redhat.com/security/cve/CVE-2026-2092
- bugzilla.redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=2437296
- security.access.redhat.comhttps://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2092.json
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2026-256397.5 ALT82.9%
——25Axios is a promise based HTTP client for the browser and Node.js. Prior to versions 0.30.3 and 1.13.5, the mergeConfig function in axios crashes with a TypeError when processing configuration objects containing __proto__ as an own property. An attacker can trigger this by providing a malicious configuration object created via JSON.parse(), causing complete denial of service. This vulnerability is fixed in versions 0.30.3 and 1.13.5.3dCVE-2026-59467.5 ALT76.2%
——23Multiple flaws have been identified in `named` related to the handling of DNS messages whose CLASS is not Internet (`IN`) — for example, `CHAOS` or `HESIOD`, or DNS messages that specify meta-classes (`ANY` or `NONE`) in the question section. Specially crafted requests reaching the affected code paths — recursion, dynamic updates (`UPDATE`), zone change notifications (`NOTIFY`), or processing of `IN`-specific record types in non-`IN` data — can cause assertion failures in `named`.
This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.5dCVE-2026-20048.8 ALT52.0%
——16Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected.5dCVE-2026-505247.5 ALT46.9%
——14Improper validation of specified type of input in .NET Framework allows an unauthorized attacker to deny service over a network.5dCVE-2026-449359.9 CRÍ44.1%
——13Missing validation of "valuesFrom" references in Helm Deployer of SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 could be used by owners of one tenant to access fleet credentials of other tenants.13dCVE-2026-442498.1 ALT43.5%
——13Netty is a network application framework for development of protocol servers and clients. In netty-handler prior to versions 4.1.135.Final and 4.2.15.Final, an attacker can bypass IPv6 subnet rules due to an incorrect masking operation in IpSubnetFilterRule.compareTo(). Valid public IP addresses can bypass the restrictions. Versions 4.1.135.Final and 4.2.15.Final patch the issue.5d