Unrated severityNVD Advisory· Published Jun 20, 2025· Updated Nov 21, 2025
Keycloak-core: keycloak environment information
CVE-2025-5416
Description
A vulnerability has been identified in Keycloak that could lead to unauthorized information disclosure. While it requires an already authenticated user, the /admin/serverinfo endpoint can inadvertently provide sensitive environment information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:/a:redhat:build_keycloak:
Patches
Vulnerability mechanics
References
2- access.redhat.com/security/cve/CVE-2025-5416mitrevdb-entryx_refsource_REDHAT
- bugzilla.redhat.com/show_bug.cgimitreissue-trackingx_refsource_REDHAT
News mentions
0No linked articles in our index yet.