Moderate severity4.9NVD Advisory· Published Jul 15, 2026
keycloak-services: keycloak-services: Incorrect authorization in admin role-composite deletion allows delegated admin to remove privileged child roles
CVE-2026-16106
Description
keycloak-services: keycloak-services: Incorrect authorization in admin role-composite deletion allows delegated admin to remove privileged child roles
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)
Patches
Vulnerability mechanics
News mentions
0No linked articles in our index yet.