CVE-2026-9803: Out-of-bounds Read in Red Hat Red Hat Build of Keycloak
A flaw was found in Keycloak's ClientRegistrationAuth component. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST request with a malformed 'Authorization: Bearer' header to any client registration endpoint. This can lead to an ArrayIndexOutOfBoundsException, causing the server to return an HTTP 500 error and resulting in a Denial of Service (DoS) for the affected service.
AI Analysis
Technical Summary
The vulnerability CVE-2026-9803 exists in the ClientRegistrationAuth component of Red Hat Build of Keycloak. It allows a remote unauthenticated attacker to cause an out-of-bounds read by sending a malformed 'Authorization: Bearer' header in a POST request to any client registration endpoint. This triggers an ArrayIndexOutOfBoundsException, leading to an HTTP 500 error and denial of service. The CVSS 3.1 base score is 5.3 (medium severity) with network attack vector, low attack complexity, no privileges required, no user interaction, and impact limited to availability.
Potential Impact
Successful exploitation results in a denial of service by causing the Keycloak server to return HTTP 500 errors due to an unhandled exception. There is no confidentiality or integrity impact reported. The service disruption could affect availability of authentication services relying on Keycloak's client registration endpoints.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory at https://access.redhat.com/security/cve/CVE-2026-9803 for current remediation guidance. Until a fix is available, consider implementing network-level protections such as filtering or rate limiting malformed requests targeting client registration endpoints to reduce the risk of denial of service.
CVE-2026-9803: Out-of-bounds Read in Red Hat Red Hat Build of Keycloak
Description
A flaw was found in Keycloak's ClientRegistrationAuth component. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST request with a malformed 'Authorization: Bearer' header to any client registration endpoint. This can lead to an ArrayIndexOutOfBoundsException, causing the server to return an HTTP 500 error and resulting in a Denial of Service (DoS) for the affected service.
CVSS v3.1
Score 5.3medium
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability CVE-2026-9803 exists in the ClientRegistrationAuth component of Red Hat Build of Keycloak. It allows a remote unauthenticated attacker to cause an out-of-bounds read by sending a malformed 'Authorization: Bearer' header in a POST request to any client registration endpoint. This triggers an ArrayIndexOutOfBoundsException, leading to an HTTP 500 error and denial of service. The CVSS 3.1 base score is 5.3 (medium severity) with network attack vector, low attack complexity, no privileges required, no user interaction, and impact limited to availability.
Potential Impact
Successful exploitation results in a denial of service by causing the Keycloak server to return HTTP 500 errors due to an unhandled exception. There is no confidentiality or integrity impact reported. The service disruption could affect availability of authentication services relying on Keycloak's client registration endpoints.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory at https://access.redhat.com/security/cve/CVE-2026-9803 for current remediation guidance. Until a fix is available, consider implementing network-level protections such as filtering or rate limiting malformed requests targeting client registration endpoints to reduce the risk of denial of service.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- redhat
- Date Reserved
- 2026-05-28T04:02:28.881Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
- Vendor Advisory Urls
- [{"url":"https://access.redhat.com/security/cve/CVE-2026-9803","vendor":"Red Hat"}]
Threat ID: 6a17daeae29bf47b50b180fe
Added to database: 5/28/2026, 6:04:26 AM
Last enriched: 5/28/2026, 6:18:35 AM
Last updated: 5/29/2026, 4:02:19 PM
Views: 17
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.