VYPR

Keycloak

by Keycloak

Source repositories

CVEs (104)

  • CVE-2014-3709, High, Oct 18, 2017
    risk 0.50, cvss 8.8, epss 0.01

    The org.keycloak.services.resources.SocialResource.callback method in JBoss KeyCloak before 1.0.3.Final allows remote attackers to conduct cross-site request forgery (CSRF) attacks by leveraging lack of CSRF protection.

  • CVE-2025-11419, High, Dec 23, 2025
    risk 0.49, cvss 7.5, epss 0.01

    A flaw was found in Keycloak. This vulnerability allows an unauthenticated remote attacker to cause a denial of service (DoS) by repeatedly initiating TLS 1.2 client-initiated renegotiation requests to exhaust server CPU resources, making the service unavailable.

  • CVE-2014-3651, High, Dec 29, 2017
    risk 0.49, cvss 7.5, epss 0.02

    JBoss KeyCloak before 1.0.3.Final allows remote attackers to cause a denial of service (resource consumption) via a large value in the size parameter to auth/qrcode, related to QR code generation.

  • CVE-2017-12159, High, Oct 26, 2017
    risk 0.49, cvss 7.5, epss 0.02

    It was found that the cookie used for CSRF prevention in Keycloak was not unique to each session. An attacker could use this flaw to gain access to an authenticated user session, leading to possible information disclosure or further attacks.

  • CVE-2026-9086, Important, Jun 25, 2026
    risk 0.47, cvss 7.3, epss 0.00

    keycloak: Keycloak: Cross-site scripting (XSS) via case-insensitive URI validation bypass

  • CVE-2026-11577, High, Jun 8, 2026
    risk 0.47, cvss 7.2, epss 0.00

    A flaw was found in Keycloak. A limited administrator can exploit an improper access control vulnerability in the POST /admin/realms/{realm}/partialImport endpoint. This allows them to bypass Fine-Grained Admin Permissions (FGAP) and escalate their privileges to a full realm…

  • CVE-2026-9795, High, May 28, 2026
    risk 0.47, cvss 7.3, epss 0.00

    A flaw was found in Keycloak's Fine-Grained Admin Permissions (FGAPv2) feature. An administrator with limited client management permissions can exploit this vulnerability to assign any realm role, including highly privileged roles, to a client's scope mapping. This bypasses…

  • CVE-2025-3501, High, Apr 29, 2025
    risk 0.46, cvss 8.2, epss 0.00

    A flaw was found in Keycloak. By setting a verification policy to 'ALL', the trust store certificate verification is skipped, which is unintended.

  • CVE-2024-10039, High, Nov 25, 2024
    risk 0.45, cvss n/a, epss 0.00

    A vulnerability was found in Keycloak. Deployments of Keycloak with a reverse proxy not using pass-through termination of TLS, with mTLS enabled, are affected. This issue may allow an attacker on the local network to authenticate as any user or client that leverages mTLS as the…

  • CVE-2026-9802, Medium, May 28, 2026
    risk 0.44, cvss 6.8, epss 0.00

    A flaw was found in Keycloak. When revokeRefreshToken=true is enabled and persistent session storage is in use, a server restart can reset internal timing mechanisms. This allows a remote attacker, who has previously captured a user's refresh token, to replay that token even…

  • CVE-2026-9704, Medium, May 27, 2026
    risk 0.44, cvss 6.8, epss 0.00

    A flaw was found in Keycloak. An authenticated user with low privileges can exploit this vulnerability by sending an oversized subject_token JSON Web Token (JWT) to the TokenEndpoint. When the token exceeds a 4000-character limit, it is silently dropped, causing the system to…

  • CVE-2026-12388, Moderate, Jun 30, 2026
    risk 0.42, cvss 6.5, epss n/a

    keycloak-broker: Keycloak: Privilege escalation to realm administrator via improper authorization in identity provider mapper

  • CVE-2026-9705, Moderate, Jun 25, 2026
    risk 0.42, cvss 6.5, epss 0.00

    keycloak: Keycloak: Attacker can re-enable and take over disabled clients via Registration Access Token

  • CVE-2026-9796, Medium, May 28, 2026
    risk 0.42, cvss 6.5, epss 0.00

    A flaw was found in Keycloak. An authenticated administrator with the `manage-clients` role can exploit a Time-of-check to time-of-use (TOCTOU) vulnerability in the name-based admin role checks. This allows the attacker to escalate their privileges to `realm-admin` for all users…

  • CVE-2026-9792, Medium, May 28, 2026
    risk 0.42, cvss 6.5, epss 0.00

    A flaw was found in Keycloak's Client Policies, specifically within the `org.keycloak.protocol.oidc` component. When certain condition providers (client-type, client-roles, client-attributes, client-scopes) are used to enforce security restrictions, the `reject-ropc-grant`…

  • CVE-2026-7307, High, May 19, 2026
    risk 0.42, cvss 7.5, epss 0.01

    A flaw was found in Keycloak. A remote, unauthenticated attacker can send a specially crafted XML input to the Security Assertion Markup Language (SAML) endpoint. This malicious input can cause high CPU usage and worker thread starvation, leading to a Denial of Service (DoS)…

  • CVE-2022-2232, High, Nov 14, 2024
    risk 0.42, cvss 7.5, epss 0.01

    A flaw was found in the Keycloak package. This flaw allows an attacker to utilize an LDAP injection to bypass the username lookup or potentially perform other malicious actions.

  • CVE-2026-7571, High, May 19, 2026
    risk 0.39, cvss 7.1, epss 0.00

    A flaw was found in Keycloak. A low-privilege user, with knowledge of user credentials and client ID, can bypass a security control intended to disable the implicit flow in OpenID Connect (OIDC) clients. By manipulating client data during a session restart, an attacker can…

  • CVE-2025-14777, Medium, Dec 16, 2025
    risk 0.39, cvss 6.0, epss 0.00

    A flaw was found in Keycloak. An IDOR (Broken Access Control) vulnerability exists in the admin API endpoints for authorization resource management, specifically in ResourceSetService and PermissionTicketService. The system checks authorization against the resourceServer…

  • CVE-2026-9793, Medium, May 28, 2026
    risk 0.38, cvss 5.9, epss 0.00

    A flaw was found in Keycloak. When a JSON Web Encryption (JWE) encrypted request object is submitted, Keycloak may incorrectly process unsigned claims if the decrypted content is raw JSON, bypassing the configured signature policy. This allows a remote attacker to submit…

Page 1 of 6