redhat build of keycloak

29 known vulnerabilities across versions
Vulnerabilities are listed by affected version.
CVE-2026-7500 · all versions · 5.4 MEDIUM
When Keycloak is started with --features-disabled=account,account-api, the Account REST API is only partially disabled. Five end

CVE-2026-37977 · all versions · 3.7 LOW
A flaw was found in Keycloak. A remote attacker can exploit a Cross-Origin Resource Sharing (CORS) header injection vulnerability

CVE-2026-4636 · all versions · 8.1 HIGH
A flaw was found in Keycloak. An authenticated user with the uma_protection role can bypass User-Managed Access (UMA) policy valid

CVE-2026-4634 · all versions · 7.5 HIGH
A flaw was found in Keycloak. An unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST reque

CVE-2026-4325 · all versions · 5.3 MEDIUM
A flaw was found in Keycloak. The SingleUseObjectProvider, a global key-value store, lacks proper type and namespace isolation. Th

CVE-2026-4282 · all versions · 7.4 HIGH
A flaw was found in Keycloak. The SingleUseObjectProvider, a global key-value store, lacks proper type and namespace isolation. Th

CVE-2026-3872 · all versions · 7.3 HIGH
A flaw was found in Keycloak. This issue allows an attacker, who controls another path on the same web server, to bypass the allow

CVE-2026-3190 · all versions · 4.3 MEDIUM
A flaw was found in Keycloak. The User-Managed Access (UMA) 2.0 Protection API endpoint for permission tickets fails to enforce th

CVE-2026-3121 · all versions · 6.5 MEDIUM
A flaw was found in Keycloak. An administrator with manage-clients permission can exploit a misconfiguration where this permissi

CVE-2026-4874 · all versions · 3.1 LOW
A flaw was found in Keycloak. An authenticated attacker can perform Server-Side Request Forgery (SSRF) by manipulating the `client

CVE-2026-4633 · all versions · 3.7 LOW
A flaw was found in Keycloak. A remote attacker can exploit differential error messages during the identity-first login flow when

CVE-2026-4628 · all versions · 4.3 MEDIUM
A flaw was found in Keycloak. An improper Access Control vulnerability in Keycloak’s User-Managed Access (UMA) resource_set endp

CVE-2026-4366 · all versions · 5.8 MEDIUM
A flaw was identified in Keycloak, an identity and access management solution, where it improperly follows HTTP redirects when pro

CVE-2026-3911 · all versions · 2.7 LOW
A flaw was found in Keycloak. An authenticated user with the view-users role could exploit a vulnerability in the UserResource com

CVE-2026-3047 · all versions · 8.8 HIGH
A flaw was found in org.keycloak.broker.saml. When a disabled Security Assertion Markup Language (SAML) client is configured as an

CVE-2026-3009 · all versions · 8.1 HIGH
A security flaw in the IdentityBrokerService.performLogin endpoint of Keycloak allows authentication to proceed using an Identity

CVE-2025-12150 · < 26.4.4 · 3.1 LOW
A flaw was found in Keycloak’s WebAuthn registration component. This vulnerability allows an attacker to bypass the configured a

CVE-2026-0871 · < 26.4.9 · 4.9 MEDIUM
A flaw was found in Keycloak. An administrator with manage-users permission can bypass the "Only administrators can view" settin

CVE-2025-7784 · all versions · 6.5 MEDIUM
A flaw was found in the Keycloak identity and access management system when Fine-Grained Admin Permissions (FGAPv2) are enabled. An

CVE-2025-3910 · >= 26.0 and < 26.0.11 · 5.4 MEDIUM
A flaw was found in Keycloak. The org.keycloak.authorization package may be vulnerable to circumventing required actions, allowing

CVE-2024-10234 · all versions · 6.1 MEDIUM
A vulnerability was found in Wildfly, where a user may perform Cross-site scripting in the Wildfly deployment system. This flaw al

CVE-2024-8883 · all versions · 6.1 MEDIUM
A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid

CVE-2024-7341 · >= 22.0 and < 22.0.12 · 7.1 HIGH
A session fixation issue was discovered in the SAML adapters provided by Keycloak. The session ID and JSESSIONID cookie are not ch

CVE-2024-7318 · >= 22.0 and < 24.0.7 · 4.8 MEDIUM
A vulnerability was found in Keycloak. Expired OTP codes are still usable when using FreeOTP when the OTP token period is set to 3

CVE-2024-7260 · < 24.0.7 · 6.1 MEDIUM
An open redirect vulnerability was found in Keycloak. A specially crafted URL can be constructed where the referrer and referrer_u

CVE-2024-4629 · >= 22.0 and < 22.012 · 6.5 MEDIUM
A vulnerability was found in Keycloak. This flaw allows attackers to bypass brute force protection by exploiting the timing of log

CVE-2024-7885 · all versions · 7.5 HIGH
A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple r

CVE-2023-6787 · all versions · 6.5 MEDIUM
A flaw was found in Keycloak that occurs from an error in the re-authentication mechanism within org.keycloak.authentication. This

CVE-2024-1132 · all versions · 8.1 HIGH
A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. This issue could allow an attacker
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin