978 matches found

NVD
added 2026/05/28 6:16 a.m., 11 views

CVE-2026-9802

A flaw was found in Keycloak. When revokeRefreshToken=true is enabled and persistent session storage is in use, a server restart can reset internal timing mechanisms. This allows a remote attacker, who has previously captured a user's refresh token, to replay that token even after it has been...

CVSS 6.8, EPSS 0.00043
Exploits: 0, References: 3

NVD
added 2026/05/28 6:16 a.m., 9 views

CVE-2026-9798

A flaw was found in Keycloak, an open-source identity and access management solution. When a user account is temporarily locked due to repeated failed login attempts, an attacker with valid client credentials can exploit the Client-Initiated Backchannel Authentication (CIBA) flow to bypass this...

CVSS 4.3, EPSS 0.00052
Exploits: 0, References: 2

NVD
added 2026/05/28 6:16 a.m., 10 views

CVE-2026-9803

A flaw was found in Keycloak's ClientRegistrationAuth component. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST request with a malformed 'Authorization: Bearer' header to any client registration endpoint. This can lead to an...

CVSS 5.3, EPSS 0.00098
Exploits: 0, References: 3

NVD
added 2026/05/28 5:16 a.m., 10 views

CVE-2026-9795

A flaw was found in Keycloak's Fine-Grained Admin Permissions (FGAPv2) feature. An administrator with limited client management permissions can exploit this vulnerability to assign any realm role, including highly privileged roles, to a client's scope mapping. This bypasses intended security...

CVSS 7.3, EPSS 0.00034
Exploits: 0, References: 2

NVD
added 2026/05/28 5:16 a.m., 11 views

CVE-2026-9796

A flaw was found in Keycloak. An authenticated administrator with the manage-clients role can exploit a Time-of-check to time-of-use (TOCTOU) vulnerability in the name-based admin role checks. This allows the attacker to escalate their privileges to realm-admin for all users within the realm,...

CVSS 6.5, EPSS 0.00027
Exploits: 0, References: 2

NVD
added 2026/05/28 5:16 a.m., 10 views

CVE-2026-9792

A flaw was found in Keycloak's Client Policies, specifically within the org.keycloak.protocol.oidc component. When certain condition providers (client-type, client-roles, client-attributes, client-scopes) are used to enforce security restrictions, the reject-ropc-grant executor is silently bypassed...

CVSS 6.5, EPSS 0.00036
Exploits: 0, References: 3

NVD
added 2026/05/28 5:16 a.m., 13 views

CVE-2026-9793

A flaw was found in Keycloak. When a JSON Web Encryption (JWE) encrypted request object is submitted, Keycloak may incorrectly process unsigned claims if the decrypted content is raw JSON, bypassing the configured signature policy. This allows a remote attacker to submit unauthorized claims, leadin...

CVSS 7.5, EPSS 0.00013
Exploits: 0, References: 2

NVD
added 2026/05/28 5:16 a.m., 11 views

CVE-2026-9794

A flaw was found in Keycloak. A remote, unauthenticated attacker can exploit this vulnerability by sending specially crafted SOAP requests to the SAML ECP (Security Assertion Markup Language Enhanced Client or Proxy) endpoint with varying client IDs. By observing distinct faultstrings in the...

CVSS 5.3, EPSS 0.00039
Exploits: 0, References: 3

Cvelist
added 2026/05/28 4:47 a.m., 33 views

CVE-2026-9802 Keycloak: keycloak: unauthorized account access via replayed refresh tokens after cluster restart

A flaw was found in Keycloak. When revokeRefreshToken=true is enabled and persistent session storage is in use, a server restart can reset internal timing mechanisms. This allows a remote attacker, who has previously captured a user's refresh token, to replay that token even after it has been...

CVSS 6.8, EPSS 0.00043
Exploits: 0, References: 3

Cvelist
added 2026/05/28 4:47 a.m., 28 views

CVE-2026-9803 Keycloak: keycloak: denial of service via malformed authorization header

A flaw was found in Keycloak's ClientRegistrationAuth component. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST request with a malformed 'Authorization: Bearer' header to any client registration endpoint. This can lead to an...

CVSS 5.3, EPSS 0.00098
Exploits: 0, References: 3

CVE
added 2026/05/28 4:47 a.m., 19 views

CVE-2026-9803

CVE-2026-9803 describes a denial-of-service flaw in Keycloak’s ClientRegistrationAuth component. A remote, unauthenticated attacker can trigger an ArrayIndexOutOfBoundsException by sending a specially crafted POST request with a malformed Authorization: Bearer header to any client registration en...

CVSS 5.3, AI score 5.8, EPSS 0.00098
Exploits: 0, References: 3, Affected Software: 1

CVE
added 2026/05/28 4:47 a.m., 19 views

CVE-2026-9802

Keycloak contains a vulnerability where, with revokeRefreshToken=true and persistent session storage, a server restart can reset internal timing mechanisms, enabling a remote attacker who has captured a user’s refresh token to replay it after revocation. This can grant unauthorized access to the ...

CVSS 6.8, AI score 5.7, EPSS 0.00043
Exploits: 0, References: 3, Affected Software: 1

ATTACKERKB
added 2026/05/28 4:47 a.m., 5 views

CVE-2026-9803

A flaw was found in Keycloak's ClientRegistrationAuth component. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST request with a malformed 'Authorization: Bearer' header to any client registration endpoint. This can lead to an...

CVSS 5.3, AI score 5.8, EPSS 0.00098
Exploits: 0, References: 3

RedhatCVE
added 2026/05/28 4:47 a.m., 10 views

CVE-2026-9803

A flaw was found in Keycloak's ClientRegistrationAuth component. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST request with a malformed 'Authorization: Bearer' header to any client registration endpoint. This can lead to an...

CVSS 5.3, AI score 5.7, EPSS 0.00098
Exploits: 0, References: 3

EUVD
added 2026/05/28 4:47 a.m., 7 views

EUVD-2026-32719

A flaw was found in Keycloak's ClientRegistrationAuth component. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST request with a malformed 'Authorization: Bearer' header to any client registration endpoint. This can lead to an...

CVSS 5.3, AI score 5.8, EPSS 0.00098
Exploits: 0, References: 2

Vulnrichment
added 2026/05/28 4:47 a.m., 7 views

CVE-2026-9802 Keycloak: keycloak: unauthorized account access via replayed refresh tokens after cluster restart

A flaw was found in Keycloak. When revokeRefreshToken=true is enabled and persistent session storage is in use, a server restart can reset internal timing mechanisms. This allows a remote attacker, who has previously captured a user's refresh token, to replay that token even after it has been...

CVSS 6.8, AI score 5.7, EPSS 0.00043
Exploits: 0, References: 3

Vulnrichment
added 2026/05/28 4:47 a.m., 7 views

CVE-2026-9803 Keycloak: keycloak: denial of service via malformed authorization header

A flaw was found in Keycloak's ClientRegistrationAuth component. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST request with a malformed 'Authorization: Bearer' header to any client registration endpoint. This can lead to an...

CVSS 5.3, AI score 5.8, EPSS 0.00098
Exploits: 0, References: 3

Cvelist
added 2026/05/28 4:42 a.m., 29 views

CVE-2026-9801 Keycloak: keycloak: denial of service via malformed ldap password policy response

A flaw was found in Keycloak. A remote attacker with high privileges, such as a realm administrator configuring a malicious Lightweight Directory Access Protocol (LDAP) server or an attacker compromising an upstream LDAP server, could exploit this vulnerability. By sending a malformed LDAP password...

CVSS 4.9, EPSS 0.00247
Exploits: 0, References: 3

CVE
added 2026/05/28 4:42 a.m., 18 views

CVE-2026-9801

CVE-2026-9801 affects Keycloak. A remote attacker with high privileges (e.g., a realm administrator configuring a malicious LDAP server or compromising an upstream LDAP server) can trigger an OutOfMemoryError by sending a malformed LDAP password policy response during authentication, causing the ...

CVSS 4.9, AI score 5.8, EPSS 0.00247
Exploits: 0, References: 3, Affected Software: 1

RedhatCVE
added 2026/05/28 4:42 a.m., 7 views

CVE-2026-9801

A flaw was found in Keycloak. A remote attacker with high privileges, such as a realm administrator configuring a malicious Lightweight Directory Access Protocol (LDAP) server or an attacker compromising an upstream LDAP server, could exploit this vulnerability. By sending a malformed LDAP password...

CVSS 4.9, AI score 5.8, EPSS 0.00247
Exploits: 0, References: 3