CVE-2026-3872
Modified
Modified - Updated After Analysis
Wildcard Redirect URI Bypass in Keycloak Leading to Token Theft
Vulnerability report for CVE-2026-3872, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-04-02
Last updated on: 2026-06-30
Assigner: Red Hat, Inc.
Description
Description
A flaw was found in Keycloak. This issue allows an attacker, who controls another path on the same web server, to bypass the allowed path in redirect Uniform Resource Identifiers (URIs) that use a wildcard. A successful attack may lead to the theft of an access token, resulting in information disclosure.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| redhat | build_of_keycloak | * |
| redhat | build_of_keycloak | 26.2 |
| redhat | build_of_keycloak | 26.2.15 |
| redhat | build_of_keycloak | 26.4 |
| redhat | build_of_keycloak | 26.4.11 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-601 | The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect. |