Keycloak Services
by Keycloak
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-14614 | mod | 0.35 | 5.4 | — | Jul 3, 2026 | keycloak-services: keycloak-services: FGAP v2 client scope assignment bypass via ClientResource | ||
| CVE-2026-14613 | mod | 0.28 | 4.3 | — | Jul 3, 2026 | keycloak-services: keycloak-services: Keycloak: FGAP v2 role groups endpoint discloses hidden group metadata without group view permission |
- risk 0.35cvss 5.4epss —
keycloak-services: keycloak-services: FGAP v2 client scope assignment bypass via ClientResource
- risk 0.28cvss 4.3epss —
keycloak-services: keycloak-services: Keycloak: FGAP v2 role groups endpoint discloses hidden group metadata without group view permission