VYPR
Moderate severity5.4NVD Advisory· Published Jul 16, 2026

keycloak-services: keycloak-services: Required signed-JWT assertion policy can be bypassed with unsigned assertion headers

CVE-2026-16093

Description

keycloak-services: keycloak-services: Required signed-JWT assertion policy can be bypassed with unsigned assertion headers

Affected products

1

Patches

Vulnerability mechanics

News mentions

0

No linked articles in our index yet.