CVE-2026-7307
A flaw was found in Keycloak. A remote, unauthenticated attacker can send a specially crafted XML input to the Security Assertion Markup Language (SAML) endpoint. This malicious input can cause high CPU usage and worker thread starvation, leading to a Denial of Service (DoS) where the server becomes unavailable.
HIGH · CVSS 7.5
EPSS 0.00053
Schedule remediation
- SSVC automatable: yes - attacks can be scripted at scale
- CVSS base score ≥ 7.0
Sigma rules: 0
YARA rules: 0