CVE-2026-1518

Опубликовано: 02 фев. 2026

Источник: nvd

CVSS3: 2.7

EPSS Низкий

Описание

A flaw was found in Keycloak’s CIBA feature where insufficient validation of client-configured backchannel notification endpoints could allow blind server-side requests to internal services.

Ссылки

EPSS

Процентиль: 1%

0.00011

Низкий

2.7 Low

CVSS3

Дефекты

CWE-918

Связанные уязвимости

CVE-2026-1518

CVSS3: 2.7

redhat

2 месяца назад

A flaw was found in Keycloak’s CIBA feature where insufficient validation of client-configured backchannel notification endpoints could allow blind server-side requests to internal services.

CVE-2026-1518

CVSS3: 2.7

debian

около 2 месяцев назад

A flaw was found in Keycloak\u2019s CIBA feature where insufficient va ...

GHSA-fwhw-chw4-gh37

CVSS3: 2.7

github

около 2 месяцев назад

Keycloak Server-Side Request Forgery (SSRF) vulnerability

EPSS

Процентиль: 1%

0.00011

Низкий

2.7 Low

CVSS3

Дефекты

CWE-918