Lucene search
K

4 matches found

NVD
NVD
added 2026/05/28 6:16 a.m.18 views

CVE-2026-9798

A flaw was found in Keycloak, an open-source identity and access management solution. When a user account is temporarily locked due to repeated failed login attempts, an attacker with valid client credentials can exploit the Client-Initiated Backchannel Authentication CIBA flow to bypass this...

4.3CVSS0.00206EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/28 4:37 a.m.10 views

CVE-2026-9798

A flaw was found in Keycloak, an open-source identity and access management solution. When a user account is temporarily locked due to repeated failed login attempts, an attacker with valid client credentials can exploit the Client-Initiated Backchannel Authentication CIBA flow to bypass this...

4.3CVSS5.7AI score0.00206EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/28 4:37 a.m.11 views

EUVD-2026-32717

A flaw was found in Keycloak, an open-source identity and access management solution. When a user account is temporarily locked due to repeated failed login attempts, an attacker with valid client credentials can exploit the Client-Initiated Backchannel Authentication CIBA flow to bypass this...

4.3CVSS5.7AI score0.00206EPSS
Exploits0References2
EUVD
EUVD
added 2026/02/02 7:17 a.m.4 views

EUVD-2026-5130

A flaw was found in Keycloak’s CIBA feature where insufficient validation of client-configured backchannel notification endpoints could allow blind server-side requests to internal services...

2.7CVSS5.3AI score0.00236EPSS
Exploits0References2
Rows per page
Query Builder