VYPR

Build Of Keycloak

by Red Hat

Source repositories

CVEs (68)

  • CVE-2026-7571HigMay 19, 2026
    risk 0.39cvss 7.1epss 0.00

    A flaw was found in Keycloak. A low-privilege user, with knowledge of user credentials and client ID, can bypass a security control intended to disable the implicit flow in OpenID Connect (OIDC) clients. By manipulating client data during a session restart, an attacker can…

  • CVE-2023-6717MedApr 25, 2024
    risk 0.39cvss 6.0epss 0.01

    A flaw was found in the SAML client registration in Keycloak that could allow an administrator to register malicious JavaScript URIs as Assertion Consumer Service POST Binding URLs (ACS), posing a Cross-Site Scripting (XSS) risk. This issue may allow a malicious admin in one…

  • CVE-2026-9793MedMay 28, 2026
    risk 0.38cvss 5.9epss 0.00

    A flaw was found in Keycloak. When a JSON Web Encryption (JWE) encrypted request object is submitted, Keycloak may incorrectly process unsigned claims if the decrypted content is raw JSON, bypassing the configured signature policy. This allows a remote attacker to submit…

  • CVE-2026-4366MedMar 18, 2026
    risk 0.38cvss 5.8epss 0.00

    A flaw was identified in Keycloak, an identity and access management solution, where it improperly follows HTTP redirects when processing certain client configuration requests. This behavior allows an attacker to trick the server into making unintended requests to internal or…

  • CVE-2026-37982MedMay 19, 2026
    risk 0.37cvss 6.8epss 0.00

    A flaw was found in Keycloak. This authentication vulnerability allows a remote attacker to replay `ExecuteActionsActionToken` tokens within Keycloak's WebAuthn (Web Authentication) flow. By intercepting an execute-actions email link, an attacker can register their own…

  • CVE-2026-9087MedMay 20, 2026
    risk 0.35cvss 6.4epss 0.00

    A flaw was found in Keycloak. The cross-session verification proof is keyed only by (local userId, idpAlias) and is not bound to the upstream identity that was actually verified, so a second upstream account on the same IdP can consume it and get linked to the victim's local…

  • CVE-2026-37979MedMay 19, 2026
    risk 0.35cvss 6.5epss 0.00

    A flaw was found in Keycloak. This access control vulnerability in Keycloak's OpenID Connect (OIDC) token introspection endpoint allows a confidential client to bypass audience restrictions. An attacker-controlled client with valid credentials can retrieve sensitive token claims…

  • CVE-2026-3121MedMar 26, 2026
    risk 0.35cvss 6.5epss 0.00

    A flaw was found in Keycloak. An administrator with `manage-clients` permission can exploit a misconfiguration where this permission is equivalent to `manage-permissions`. This allows the administrator to escalate privileges and gain control over roles, users, or other…

  • CVE-2025-7784MedJul 18, 2025
    risk 0.35cvss 6.5epss 0.00

    A flaw was found in the Keycloak identity and access management system when Fine-Grained Admin Permissions(FGAPv2) are enabled. An administrative user with the manage-users role can escalate their privileges to realm-admin due to improper privilege enforcement. This…

  • CVE-2023-6544MedApr 25, 2024
    risk 0.35cvss 5.4epss 0.01

    A flaw was found in the Keycloak package. This issue occurs due to a permissive regular expression hardcoded for filtering which allows hosts to register a dynamic client. A malicious user with enough information about the environment could jeopardize an environment with this…

  • CVE-2026-9803MedMay 28, 2026
    risk 0.34cvss 5.3epss 0.00

    A flaw was found in Keycloak's ClientRegistrationAuth component. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST request with a malformed 'Authorization: Bearer' header to any client registration endpoint. This can lead to an…

  • CVE-2026-9801MedMay 28, 2026
    risk 0.32cvss 4.9epss 0.00

    A flaw was found in Keycloak. A remote attacker with high privileges, such as a realm administrator configuring a malicious Lightweight Directory Access Protocol (LDAP) server or an attacker compromising an upstream LDAP server, could exploit this vulnerability. By sending a…

  • CVE-2026-9798MedMay 28, 2026
    risk 0.28cvss 4.3epss 0.00

    A flaw was found in Keycloak, an open-source identity and access management solution. When a user account is temporarily locked due to repeated failed login attempts, an attacker with valid client credentials can exploit the Client-Initiated Backchannel Authentication (CIBA)…

  • CVE-2026-8922MedMay 19, 2026
    risk 0.28cvss 5.4epss 0.00

    A flaw was found in Keycloak. When both realm-level and client-level `notBefore` revocation policies are configured, Keycloak's OpenID Connect (OIDC) Introspection feature fails to properly honor the realm-level policy. This allows tokens that should have been revoked to remain…

  • CVE-2026-7500MedApr 30, 2026
    risk 0.28cvss 5.4epss 0.00

    When Keycloak is started with `--features-disabled=account,account-api`, the Account REST API is only partially disabled. Five endpoints under the versioned path `/account/v1alpha1` remain fully functional — including both read and write operations — because they lack the…

  • CVE-2026-4628MedMar 23, 2026
    risk 0.28cvss 4.3epss 0.00

    A flaw was found in Keycloak. An improper Access Control vulnerability in Keycloak’s User-Managed Access (UMA) resource_set endpoint allows attackers with valid credentials to bypass the allowRemoteResourceManagement=false restriction. This occurs due to incomplete enforcement…

  • CVE-2023-6484MedApr 25, 2024
    risk 0.28cvss 5.3epss 0.01

    A log injection flaw was found in Keycloak. A text string may be injected through the authentication form when using the WebAuthn authentication mode. This issue may have a minor impact to the logs integrity.

  • CVE-2016-8627MedMay 11, 2018
    risk 0.28cvss 4.3epss 0.03

    admin-cli before versions 3.0.0.alpha25, 2.2.1.cr2 is vulnerable to an EAP feature to download server log files that allows logs to be available via GET requests making them vulnerable to cross-origin attacks. An attacker could trigger the user's browser to request the log files…

  • CVE-2026-9794MedMay 28, 2026
    risk 0.27cvss 5.3epss 0.00

    A flaw was found in Keycloak. A remote, unauthenticated attacker can exploit this vulnerability by sending specially crafted SOAP requests to the SAML ECP (Security Assertion Markup Language Enhanced Client or Proxy) endpoint with varying client IDs. By observing distinct…

  • CVE-2026-9689MedMay 27, 2026
    risk 0.27cvss 4.2epss 0.00

    A flaw was found in Keycloak, an open-source identity and access management solution. When a client application is configured to accept broad redirect Uniform Resource Identifiers (URIs), a remote attacker can manipulate the authentication process by crafting a special web…