🟠 CVE-2026-4636 - High (8.1)

A flaw was found in Keycloak. An authenticated user with the uma_protection role can bypass User-Managed Access (UMA) policy validation. This allows the attacker to include resource identifiers owned by other users in a policy creation request, ev...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-4636/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack