| BDSA-2026-7641 |
|
Low |
Apr 21, 2026 |
Keycloak is vulnerable to improper access control due to incomplete enforcement of access control checks on the `resource_set` endpoint. This could all
more...
Keycloak is vulnerable to improper access control due to incomplete enforcement of access control checks on the `resource_set` endpoint. This could allow an attacker with valid credentials to bypass the `allowRemoteResourceManagement=false` restriction and perform unauthorized modifications to protected resources, impacting data integrity.
less...
|
|
| BDSA-2026-7584 |
|
Medium |
Apr 20, 2026 |
Red Hat Build of Keycloak is vulnerable to cross-site scripting (XSS) due to improper handling of the `organization.alias` in an inline JavaScript `onc
more...
Red Hat Build of Keycloak is vulnerable to cross-site scripting (XSS) due to improper handling of the `organization.alias` in an inline JavaScript `onclick` handler on the organization selection login page. This could allow an attacker with `manage-realm` or `manage-organizations` privileges to execute arbitrary JavaScript in a user's browser, potentially leading to session theft, unauthorized account actions, or further attacks against users of the affected realm.
less...
|
|
| BDSA-2026-4047 |
|
Low |
Mar 16, 2026 |
Keycloak is vulnerable to improper access control due to insufficient validation of the authentication level of assurance (LoA) in the Account REST API
more...
Keycloak is vulnerable to improper access control due to insufficient validation of the authentication level of assurance (LoA) in the Account REST API. This could allow an attacker to delete a victim's registered multi-factor authentication (MFA) or one-time password (OTP) credential and register their own MFA device, leading to full account takeover.
less...
|
|
| BDSA-2026-3755 |
|
Low |
Mar 11, 2026 |
Keycloak is vulnerable to unauthorized information disclosure due to a flaw in the `UserResource` component. This could allow an attacker with the `vie
more...
Keycloak is vulnerable to unauthorized information disclosure due to a flaw in the `UserResource` component. This could allow an attacker with the `view-users` role to improperly retrieve user attributes configured to be hidden, potentially exposing sensitive user data.
less...
|
|
| BDSA-2026-1469 |
|
Low |
Feb 03, 2026 |
Keycloak is vulnerable to server-side request forgery (SSRF) due to insufficient validation of client-configured backchannel notification endpoints in
more...
Keycloak is vulnerable to server-side request forgery (SSRF) due to insufficient validation of client-configured backchannel notification endpoints in the CIBA feature. This could allow an attacker with administrative access or a valid initial access token to induce the server to send blind requests to arbitrary internal services, potentially enabling limited abuse of internal network resources.
less...
|
|
| BDSA-2026-12559 |
|
Medium |
May 28, 2026 |
Keycloak is vulnerable to denial-of-service (DoS) due to improper handling of malformed `Authorization: Bearer` headers in the `ClientRegistrationAuth`
more...
Keycloak is vulnerable to denial-of-service (DoS) due to improper handling of malformed `Authorization: Bearer` headers in the `ClientRegistrationAuth` component. This could allow an attacker to send specially crafted POST requests to client registration endpoints, causing an `ArrayIndexOutOfBoundsException` and resulting in service disruption.
less...
|
|
| BDSA-2026-12555 |
|
Medium |
May 28, 2026 |
Keycloak is vulnerable to security restriction bypass due to improper handling insufficient permissions in the `ClientScopesCondition.java` file. This
more...
Keycloak is vulnerable to security restriction bypass due to improper handling insufficient permissions in the `ClientScopesCondition.java` file. This could allow a remote attacker to obtain tokens by using a resource owner password credentials grant, potentially leading to unauthorized access or information exposure.
less...
|
|
| BDSA-2026-11129 |
|
Medium |
May 19, 2026 |
Keycloak is vulnerable to improper token revocation due to insufficient of realm-level policy enforcement in the OpenID Connect (OIDC) Introspection fu
more...
Keycloak is vulnerable to improper token revocation due to insufficient of realm-level policy enforcement in the OpenID Connect (OIDC) Introspection functionality when both realm-level and client-level `notBefore` revocation policies are configured. This could allow an attacker to maintain unauthorized access by using tokens which should have been revoked.
less...
|
|
| BDSA-2026-0612 |
|
Low |
Jan 16, 2026 |
Keycloak is vulnerable to endpoint exposure due to improper input validation from its acceptance of RFC-compliant matrix parameters in URL path segment
more...
Keycloak is vulnerable to endpoint exposure due to improper input validation from its acceptance of RFC-compliant matrix parameters in URL path segments. This could allow a remote unauthenticated attacker to bypass reverse proxy path filtering and potentially access administrative or sensitive endpoints believed to be unreachable externally.
less...
|
|
| BDSA-2025-1366 |
|
Medium |
Feb 24, 2025 |
A vulnerability was found in Keycloak. This issue may allow a privileged attacker to use a malicious payload as the permission while creating items (Re
more...
A vulnerability was found in Keycloak. This issue may allow a privileged attacker to use a malicious payload as the permission while creating items (Resource and Permissions) from the admin console, leading to a stored cross-site scripting (XSS) attack.
**Note: CVE details have been utilized in generating this advisory. The details of the vulnerability have not been independently verified by Black Duck CyRC.**
less...
|
|