
exploitDog

bind:CVE-2026-2575

Count: 4

Source: redhat

CVE-2026-2575

about 1 month ago

A flaw was found in Keycloak. An unauthenticated remote attacker can trigger an application level Denial of Service (DoS) by sending a highly compressed SAMLRequest through the SAML Redirect Binding. The server fails to enforce size limits during DEFLATE decompression, leading to an OutOfMemoryError (OOM) and subsequent process termination. This vulnerability allows an attacker to disrupt the availability of the service.

CVSS3: 5.3
EPSS: Low

Source: nvd

CVE-2026-2575

11 days ago

A flaw was found in Keycloak. An unauthenticated remote attacker can trigger an application level Denial of Service (DoS) by sending a highly compressed SAMLRequest through the SAML Redirect Binding. The server fails to enforce size limits during DEFLATE decompression, leading to an OutOfMemoryError (OOM) and subsequent process termination. This vulnerability allows an attacker to disrupt the availability of the service.

CVSS3: 5.3
EPSS: Low

Source: debian

CVE-2026-2575

11 days ago

A flaw was found in Keycloak. An unauthenticated remote attacker can t ...

CVSS3: 5.3
EPSS: Low

Source: github

GHSA-xv6h-r36f-3gp5

11 days ago

Keycloak: Denial of Service due to excessive SAMLRequest decompression

CVSS3: 5.3
EPSS: Low


| Vulnerability | CVSS | EPSS | Published |
|---|---|---|---|
| redhat: CVE-2026-2575. A flaw was found in Keycloak. An unauthenticated remote attacker can trigger an application level Denial of Service (DoS) by sending a highly compressed SAMLRequest through the SAML Redirect Binding. The server fails to enforce size limits during DEFLATE decompression, leading to an OutOfMemoryError (OOM) and subsequent process termination. This vulnerability allows an attacker to disrupt the availability of the service. | CVSS3: 5.3 | 0% (Low) | about 1 month ago |
| nvd: CVE-2026-2575. A flaw was found in Keycloak. An unauthenticated remote attacker can trigger an application level Denial of Service (DoS) by sending a highly compressed SAMLRequest through the SAML Redirect Binding. The server fails to enforce size limits during DEFLATE decompression, leading to an OutOfMemoryError (OOM) and subsequent process termination. This vulnerability allows an attacker to disrupt the availability of the service. | CVSS3: 5.3 | 0% (Low) | 11 days ago |
| debian: CVE-2026-2575. A flaw was found in Keycloak. An unauthenticated remote attacker can t ... | CVSS3: 5.3 | 0% (Low) | 11 days ago |
| github: GHSA-xv6h-r36f-3gp5. Keycloak: Denial of Service due to excessive SAMLRequest decompression | CVSS3: 5.3 | 0% (Low) | 11 days ago |
