CVE-2026-2575

A flaw was found in Keycloak. An unauthenticated remote attacker can trigger an application level Denial of Service (DoS) by sending a highly compressed SAMLRequest through the SAML Redirect Binding. The server fails to enforce size limits during DEFLATE decompression, leading to an OutOfMemoryError (OOM) and subsequent process termination. This vulnerability allows an attacker to disrupt the availability of the service.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/errata/RHSA-2026:3947
https://access.redhat.com/errata/RHSA-2026:3948
https://access.redhat.com/security/cve/CVE-2026-2575
https://bugzilla.redhat.com/show_bug.cgi?id=2440149

Configurations

No configuration.

History

18 Mar 2026, 14:52

Type	Values Removed	Values Added
Summary		(es) Se encontró una falla en Keycloak. Un atacante remoto no autenticado puede desencadenar una denegación de servicio (DoS) a nivel de aplicación al enviar una SAMLRequest altamente comprimida a través del SAML Redirect Binding. El servidor no aplica límites de tamaño durante la descompresión DEFLATE, lo que lleva a un OutOfMemoryError (OOM) y la subsiguiente terminación del proceso. Esta vulnerabilidad permite a un atacante interrumpir la disponibilidad del servicio.

18 Mar 2026, 04:17

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-18 04:17

Updated : 2026-03-18 14:52

NVD link : CVE-2026-2575

Mitre link : CVE-2026-2575

CVE.ORG link : CVE-2026-2575

JSON object : View

Products Affected

No product.

CWE

CWE-409

Improper Handling of Highly Compressed Data (Data Amplification)

5.3 /10