Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4143 matches found

NVD
NVDadded 2026/05/28 6:16 a.m.10 views

CVE-2026-9803

A flaw was found in Keycloak's ClientRegistrationAuth component. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST request with a malformed 'Authorization: Bearer' header to any client registration endpoint. This can lead to an...

5.3CVSS0.0009EPSS
Exploits0References4
NVD
NVDadded 2026/05/28 5:16 a.m.11 views

CVE-2026-9795

A flaw was found in Keycloak's Fine-Grained Admin Permissions FGAPv2 feature. An administrator with limited client management permissions can exploit this vulnerability to assign any realm role, including highly privileged roles, to a client's scope mapping. This bypasses intended security...

7.3CVSS0.00034EPSS
Exploits0References2
NVD
NVDadded 2026/05/28 5:16 a.m.11 views

CVE-2026-9796

A flaw was found in Keycloak. An authenticated administrator with the manage-clients role can exploit a Time-of-check to time-of-use TOCTOU vulnerability in the name-based admin role checks. This allows the attacker to escalate their privileges to realm-admin for all users within the realm,...

6.5CVSS0.00027EPSS
Exploits0References2
NVD
NVDadded 2026/05/28 5:16 a.m.13 views

CVE-2026-9793

A flaw was found in Keycloak. When a JSON Web Encryption JWE encrypted request object is submitted, Keycloak may incorrectly process unsigned claims if the decrypted content is raw JSON, bypassing the configured signature policy. This allows a remote attacker to submit unauthorized claims, leadin...

7.5CVSS0.00013EPSS
Exploits0References2
NVD
NVDadded 2026/05/28 5:16 a.m.10 views

CVE-2026-9792

A flaw was found in Keycloak's Client Policies, specifically within the org.keycloak.protocol.oidc component. When certain condition providers client-type, client-roles, client-attributes, client-scopes are used to enforce security restrictions, the reject-ropc-grant executor is silently bypassed...

6.5CVSS0.0003EPSS
Exploits0References4
NVD
NVDadded 2026/05/28 5:16 a.m.11 views

CVE-2026-9794

A flaw was found in Keycloak. A remote, unauthenticated attacker can exploit this vulnerability by sending specially crafted SOAP requests to the SAML ECP Security Assertion Markup Language Enhanced Client or Proxy endpoint with varying client IDs. By observing distinct faultstrings in the...

5.3CVSS0.00038EPSS
Exploits0References4
NVD
NVDadded 2026/05/28 5:16 a.m.13 views

CVE-2026-9791

A flaw was found in Keycloak. An authenticated user with existing organization membership can exploit this flaw by accessing user-facing APIs, such as the account API or by requesting an OpenID Connect OIDC token with the 'organization' scope. This allows organization metadata to be disclosed in...

4.3CVSS0.00031EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/05/28 4:47 a.m.10 views

CVE-2026-9803

A flaw was found in Keycloak's ClientRegistrationAuth component. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST request with a malformed 'Authorization: Bearer' header to any client registration endpoint. This can lead to an...

5.3CVSS5.7AI score0.0009EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2026/05/28 4:47 a.m.9 views

CVE-2026-9802

A flaw was found in Keycloak. When revokeRefreshToken=true is enabled and persistent session storage is in use, a server restart can reset internal timing mechanisms. This allows a remote attacker, who has previously captured a user's refresh token, to replay that token even after it has been...

6.8CVSS5.6AI score0.00041EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2026/05/28 4:47 a.m.7 views

CVE-2026-9802

A flaw was found in Keycloak. When revokeRefreshToken=true is enabled and persistent session storage is in use, a server restart can reset internal timing mechanisms. This allows a remote attacker, who has previously captured a user's refresh token, to replay that token even after it has been...

6.8CVSS5.7AI score0.00041EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/05/28 4:47 a.m.37 views

CVE-2026-9802 Keycloak: keycloak: unauthorized account access via replayed refresh tokens after cluster restart

A flaw was found in Keycloak. When revokeRefreshToken=true is enabled and persistent session storage is in use, a server restart can reset internal timing mechanisms. This allows a remote attacker, who has previously captured a user's refresh token, to replay that token even after it has been...

6.8CVSS0.00041EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/05/28 4:47 a.m.7 views

CVE-2026-9803 Keycloak: keycloak: denial of service via malformed authorization header

A flaw was found in Keycloak's ClientRegistrationAuth component. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST request with a malformed 'Authorization: Bearer' header to any client registration endpoint. This can lead to an...

5.3CVSS5.8AI score0.0009EPSS
Exploits0References4
CVE
CVEadded 2026/05/28 4:47 a.m.21 views

CVE-2026-9803

CVE-2026-9803 describes a denial-of-service flaw in Keycloak’s ClientRegistrationAuth component. A remote, unauthenticated attacker can trigger an ArrayIndexOutOfBoundsException by sending a specially crafted POST request with a malformed Authorization: Bearer header to any client registration en...

5.3CVSS5.8AI score0.0009EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/05/28 4:47 a.m.5 views

CVE-2026-9803

A flaw was found in Keycloak's ClientRegistrationAuth component. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST request with a malformed 'Authorization: Bearer' header to any client registration endpoint. This can lead to an...

5.3CVSS5.8AI score0.0009EPSS
Exploits0References3
EUVD
EUVDadded 2026/05/28 4:47 a.m.8 views

EUVD-2026-32719

A flaw was found in Keycloak's ClientRegistrationAuth component. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST request with a malformed 'Authorization: Bearer' header to any client registration endpoint. This can lead to an...

5.3CVSS5.8AI score0.0009EPSS
Exploits0References2
CVE
CVEadded 2026/05/28 4:47 a.m.20 views

CVE-2026-9802

Keycloak contains a vulnerability where, with revokeRefreshToken=true and persistent session storage, a server restart can reset internal timing mechanisms, enabling a remote attacker who has captured a user’s refresh token to replay it after revocation. This can grant unauthorized access to the ...

6.8CVSS5.7AI score0.00041EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2026/05/28 4:47 a.m.30 views

CVE-2026-9803 Keycloak: keycloak: denial of service via malformed authorization header

A flaw was found in Keycloak's ClientRegistrationAuth component. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST request with a malformed 'Authorization: Bearer' header to any client registration endpoint. This can lead to an...

5.3CVSS0.0009EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/05/28 4:47 a.m.7 views

CVE-2026-9802 Keycloak: keycloak: unauthorized account access via replayed refresh tokens after cluster restart

A flaw was found in Keycloak. When revokeRefreshToken=true is enabled and persistent session storage is in use, a server restart can reset internal timing mechanisms. This allows a remote attacker, who has previously captured a user's refresh token, to replay that token even after it has been...

6.8CVSS5.7AI score0.00041EPSS
Exploits0References4
EUVD
EUVDadded 2026/05/28 4:47 a.m.7 views

EUVD-2026-32720

A flaw was found in Keycloak. When revokeRefreshToken=true is enabled and persistent session storage is in use, a server restart can reset internal timing mechanisms. This allows a remote attacker, who has previously captured a user's refresh token, to replay that token even after it has been...

6.8CVSS5.7AI score0.00041EPSS
Exploits0References2
EUVD
EUVDadded 2026/05/28 4:42 a.m.15 views

EUVD-2026-32718

A flaw was found in Keycloak. A remote attacker with high privileges, such as a realm administrator configuring a malicious Lightweight Directory Access Protocol LDAP server or an attacker compromising an upstream LDAP server, could exploit this vulnerability. By sending a malformed LDAP password...

4.9CVSS5.8AI score0.00327EPSS
Exploits0References2
Rows per page
Query Builder