{}

{}

{}

{"acknowledgement": "Red Hat would like to thank Oleh Konko for reporting this issue.", "affected_release": [{"advisory": "RHSA-2026:3925", "cpe": "cpe:/a:redhat:build_keycloak:26.2::el9", "package": "rhbk/keycloak-operator-bundle:26.2.14-1", "product_name": "Red Hat build of Keycloak 26.2", "release_date": "2026-03-05T00:00:00Z"}, {"advisory": "RHSA-2026:3925", "cpe": "cpe:/a:redhat:build_keycloak:26.2::el9", "package": "rhbk/keycloak-rhel9:26.2-16", "product_name": "Red Hat build of Keycloak 26.2", "release_date": "2026-03-05T00:00:00Z"}, {"advisory": "RHSA-2026:3925", "cpe": "cpe:/a:redhat:build_keycloak:26.2::el9", "package": "rhbk/keycloak-rhel9-operator:26.2-16", "product_name": "Red Hat build of Keycloak 26.2", "release_date": "2026-03-05T00:00:00Z"}, {"advisory": "RHSA-2026:3926", "cpe": "cpe:/a:redhat:build_keycloak:26.2::el9", "package": "rhbk/keycloak-rhel9", "product_name": "Red Hat build of Keycloak 26.2.14", "release_date": "2026-03-05T00:00:00Z"}, {"advisory": "RHSA-2026:3948", "cpe": "cpe:/a:redhat:build_keycloak:26.4::el9", "package": "keycloak-rhel9-container-26.4-12", "product_name": "Red Hat build of Keycloak 26.4", "release_date": "2026-03-05T00:00:00Z"}, {"advisory": "RHSA-2026:3948", "cpe": "cpe:/a:redhat:build_keycloak:26.4::el9", "package": "keycloak-rhel9-operator-bundle-container-26.4.10-1", "product_name": "Red Hat build of Keycloak 26.4", "release_date": "2026-03-05T00:00:00Z"}, {"advisory": "RHSA-2026:3948", "cpe": "cpe:/a:redhat:build_keycloak:26.4::el9", "package": "keycloak-rhel9-operator-container-26.4-12", "product_name": "Red Hat build of Keycloak 26.4", "release_date": "2026-03-05T00:00:00Z"}, {"advisory": "RHSA-2026:3947", "cpe": "cpe:/a:redhat:build_keycloak:26.4::el9", "package": "rhbk/keycloak-rhel9", "product_name": "Red Hat build of Keycloak 26.4.10", "release_date": "2026-03-05T00:00:00Z"}], "bugzilla": {"description": "keycloak-services: Keycloak: Unauthorized access via improper validation of encrypted SAML assertions", "id": "2437296", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437296"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.7", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L", "status": "verified"}, "cwe": "CWE-1287", "details": ["No description is available for this CVE."], "name": "CVE-2026-2092", "public_date": "2026-03-05T12:34:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-2092\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-2092"], "threat_severity": "Important"}

{}