Keycloak WebAuthn Policy Bypass Vulnerability

Vulnerability

A vulnerability in Keycloak allows authenticated users to bypass WebAuthn policies during credential registration. The server-side processAction() does not validate that the parameters of a newly created credential, such as its public key algorithm, match the realm's WebAuthn policy settings. As a result, credentials that fail to meet the configured requirements can still be registered, which undermines the policy by permitting non-compliant authentication methods.

Impact

Exploiting this vulnerability could lead to the registration of WebAuthn credentials that do not comply with established security policies, allowing weaker authentication methods to be used.
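The server-side check the advisory describes as missing, shown as an added illustration that is not Keycloak's code: it decodes the COSE public key returned by a (constructed) registration and rejects any credential whose algorithm is not in a hypothetical realm policy's allowed list.

```python
# Minimal CBOR decoder covering what a COSE_Key needs: unsigned/negative ints,
# byte strings and maps (RFC 8949 major types 0, 1, 2 and 5).
def _read_head(buf, pos):
    ib = buf[pos]
    major, ai = ib >> 5, ib & 0x1F
    pos += 1
    if ai < 24:
        return major, ai, pos
    size = {24: 1, 25: 2, 26: 4, 27: 8}[ai]
    return major, int.from_bytes(buf[pos:pos + size], "big"), pos + size

def cbor_decode(buf, pos=0):
    """Return (value, next_pos) for the data item starting at pos."""
    major, value, pos = _read_head(buf, pos)
    if major == 0:
        return value, pos
    if major == 1:
        return -1 - value, pos
    if major == 2:
        return bytes(buf[pos:pos + value]), pos + value
    if major == 5:
        result = {}
        for _ in range(value):
            k, pos = cbor_decode(buf, pos)
            v, pos = cbor_decode(buf, pos)
            result[k] = v
        return result, pos
    raise ValueError(f"unsupported CBOR major type {major}")

# IANA COSE algorithm identifiers for the names a realm policy would list.
COSE_ALG = {"ES256": -7, "ES384": -35, "ES512": -36,
            "RS256": -257, "RS384": -258, "RS512": -259, "RS1": -65535}

def credential_meets_policy(cose_key_bytes, allowed_alg_names):
    """Reject a registration whose public key 'alg' (COSE_Key label 3)
    is outside the policy's allowed signature algorithms."""
    key, _ = cbor_decode(cose_key_bytes)
    allowed = {COSE_ALG[name] for name in allowed_alg_names}
    return key.get(3) in allowed

# Constructed sample keys (not real credentials): an EC2 ES256 key and an RSA key
# whose alg is RS1 (RSASSA-PKCS1-v1_5 with SHA-1), which a policy may not allow.
ES256_KEY = (b"\xa5\x01\x02\x03\x26\x20\x01\x21\x58\x20" + b"\x11" * 32
             + b"\x22\x58\x20" + b"\x22" * 32)
RS1_KEY = b"\xa4\x01\x03\x03\x39\xff\xfe\x20\x44\xc0\xff\xee\x01\x21\x43\x01\x00\x01"

HYPOTHETICAL_POLICY = ["ES256", "RS256"]   # assumed realm setting

if __name__ == "__main__":
    for name, key in (("ES256", ES256_KEY), ("RS1", RS1_KEY)):
        print(name, "accepted" if credential_meets_policy(key, HYPOTHETICAL_POLICY) else "rejected")
```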

Added: May 19, 2026, 7:20 AM
Updated: May 19, 2026, 7:20 AM

Vulnerability Rating

Custom Algorithm

spread: 5.2
impact: 0.6
exploitability: 5.4
remediation: 0.0
relevance: 8.8
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.