CWE-112

Missing XML Validation

1 CVEs Avg CVSS 3.1 MITRE

0

CRITICAL

0

HIGH

0

MEDIUM

1

LOW

0

POC

0

KEV

Monthly

CVE-2026-1190 LOW Monitor

A flaw was found in Keycloak's SAML brokering functionality. When Keycloak is configured as a client in a Security Assertion Markup Language (SAML) setup, it fails to validate the `NotOnOrAfter` timestamp within the `SubjectConfirmationData`. [CVSS 3.1 LOW]

Denial Of Service

NVD

CVSS 3.1

3.1

EPSS

0.0%

CVE-2026-1190

EPSS 0% CVSS 3.1

LOW Monitor

A flaw was found in Keycloak's SAML brokering functionality. When Keycloak is configured as a client in a Security Assertion Markup Language (SAML) setup, it fails to validate the `NotOnOrAfter` timestamp within the `SubjectConfirmationData`. [CVSS 3.1 LOW]

Denial Of Service

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy