CVE • Published 2026-03-18 • Modified 2026-06-30 • 1 article on news • 6 live references • NVD data
CVE-2026-2603
Vulnerability data via NVD (ingested)
CVSS v3.1: 8.1 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS percentile
—
Weaknesses (CWE)
Description
A flaw was found in Keycloak. A remote attacker could bypass security controls by sending a valid SAML response from an external Identity Provider (IdP) to the Keycloak SAML endpoint for IdP-initiated broker logins. This allows the attacker to complete broker logins even when the SAML Identity Provider is disabled, leading to unauthorized authentication.
Timeline
Published 2026-03-18
Modified 2026-06-30
External references
Search for exposed instances
Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).
More intel sources (5)
Shodan report
vuln:CVE-2026-2603
Country / ASN / product breakdown for the vuln query.
Censys
vulnerabilities.cve_id: CVE-2026-2603
Censys host search filtered to this CVE id.
grep.app
CVE-2026-2603
Public source-code mentions — fast PoC discovery.
GitHub code
CVE-2026-2603
GitHub code search for direct mentions.
Google dork
"CVE-2026-2603" exploit -site:nvd.nist.gov
Write-ups and news, NVD excluded.
Known PoCs on GitHub (8)
CVE-2026-2603: 8 repos
Tencent/AI-Infra-Guard (Python)
A full-stack AI Red Teaming platform securing AI ecosystems via OpenClaw Security Scan, Agent Scan, Skills Scan, MCP scan, AI Infra scan and LLM jailbreak evaluation.
oliver-kriska/claude-elixir-phoenix (Python)
Claude Code plugin for Elixir/Phoenix/LiveView — 20 specialist agents, Iron Laws enforcement, and Tidewave MCP integration. Plan features with parallel research agents, execute wit…
jnMetaCode/shellward (TypeScript)
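AI application compliance gateway · One command audits an AI project for "cross-border data transfer / hard-coded keys / personal information exposure" (Cybersecurity Law · PIPL · MLPS 2.0 · cross-border data transfer · AI labeling) and suggests domestic model alternatives; can also act as runtime protection that blocks injection and data exfiltration · Chinese-first · zero dependencies · open source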
Josh-blythe/bordair-multimodal (Python)
Open-source cross-modal and multimodal prompt injection test suite. 250,000+ attack payloads across text, image, document, and audio modalities. Research-backed by OWASP LLM Top 10…
DarkFunct/TK-CVE-Repo (Python)
TK-CVE-Repo
DeathShotXD/0xKern3lCrush (C)
Advanced PoC & Research for CVE-2026-0828 (Safetica) and CVE-2025-7771 (ThrottleStop). Analysis of BYOVD (Bring Your Own Vulnerable Driver) TTPs for Ring 0 process termination and …
codependentai/resonant (TypeScript)
Open-source relational AI framework with identity persistence, memory, and MCP integration. Build relationship-aware AI agents that remember, grow, and maintain continuity. Built o…
cuihuan/awesome-ai-gateway (HTML)
⚡ Awesome AI Gateway — curated comparison of 100+ AI gateways & LLM proxies (LiteLLM, OpenRouter, Portkey, Kong, Higress, new-api, Bifrost) by cost, security, compliance & self-hos…