CVE-2026-1529
Org.keycloak.services.resources.organizations: keycloak: unauthorized organization registration via improper invitation token validation
Severity Score
8.1
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track
*SSVC
Descriptions
A flaw was found in Keycloak. An attacker can exploit this vulnerability by modifying the organization ID and target email within a legitimate invitation token's JSON Web Token (JWT) payload. This lack of cryptographic signature verification allows the attacker to successfully self-register into an unauthorized organization, leading to unauthorized access.
*Credits:
Red Hat would like to thank Joy Gilbert (gwthr) and Reynaldo Immanuel for reporting this issue.
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2026-01-28 CVE Reserved
- 2026-02-09 CVE Published
- 2026-02-10 First Exploit
- 2026-02-16 CVE Updated
- 2026-04-18 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-347: Improper Verification of Cryptographic Signature
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| https://access.redhat.com/security/cve/CVE-2026-1529 | Vdb Entry | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2433783 | Issue Tracking |
| URL | Date | SRC |
|---|---|---|
| https://packetstorm.news/files/id/215260 | 2026-02-10 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2026:2363 | 2026-02-10 | |
| https://access.redhat.com/errata/RHSA-2026:2364 | 2026-02-10 | |
| https://access.redhat.com/errata/RHSA-2026:2365 | 2026-02-10 | |
| https://access.redhat.com/errata/RHSA-2026:2366 | 2026-02-10 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Redhat Search vendor "Redhat" | Build Keycloak Search vendor "Redhat" for product "Build Keycloak" | * | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Build Of Keycloak Search vendor "Redhat" for product "Build Of Keycloak" | * | - |
Affected
| ||||||