Security Advisory

CVE-2026-0707

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-08 03:41:27

Last updated 2026-03-06 03:17:03

Assigner redhat

State PUBLISHED

Description

A flaw was found in Keycloak. The Keycloak Authorization header parser is overly permissive regarding the formatting of the "Bearer" authentication scheme. It accepts non-standard characters (such as tabs) as separators and tolerates case variations that deviate from RFC 6750 specifications.

← Browse all CVEs View on cve.org ↗