VYPR

npm package

@keycloak/keycloak-admin-client

pkg:npm/%40keycloak/keycloak-admin-client

Vulnerabilities (1)

  • CVE-2026-2366LowMar 12, 2026
    affected <= 26.5.5

    A flaw was found in Keycloak. An authorization bypass vulnerability in the Keycloak Admin API allows any authenticated user, even those without administrative privileges, to enumerate the organization memberships of other users. This information disclosure occurs if the attacker