VYPR
Low severity2.7GHSA Advisory· Published Dec 10, 2025· Updated Apr 15, 2026

CVE-2025-14082

CVE-2025-14082

Description

A flaw was found in Keycloak Admin REST (Representational State Transfer) API. This vulnerability allows information disclosure of sensitive role metadata via insufficient authorization checks on the /admin/realms/{realm}/roles endpoint.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.keycloak:keycloak-servicesMaven
< 26.5.026.5.0

Affected products

17

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.