EUVD-2026-11247

A flaw was identified in the Account REST API of Keycloak that allows a user authenticated at a lower security level to perform sensitive actions intended only for higher-assurance sessions. Specifically, an attacker who has already obtained a victim’s password can delete the victim’s registered...

CVE-2026-3429

A flaw was identified in the Account REST API of Keycloak that allows a user authenticated at a lower security level to perform sensitive actions intended only for higher-assurance sessions. Specifically, an attacker who has already obtained a victim’s password can delete the victim’s registered...

com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak (=24.3.0.0), com.github.wnameless.spring.boot.up:spring-boot-up-keycloak-plugin (=24.3.0.0) +25 more potentially affected by CVE-2025-10044 via org.keycloak:keycloak-account-ui (>=21.1.1 <=26.2.5)

org.keycloak:keycloak-account-ui MAVEN version =21.1.1, =2.5.6-24.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.2.0, =26.2.0, =26.1.0, =26.1.0, =26.1.0, =26.2.5 a...

net.optionfactory.keycloak:optionfactory-keycloak-providers (>=8.1 <=8.9), org.keycloak.testframework:keycloak-test-framework-clustering (>=26.3.0 <=26.3.3) +23 more potentially affected by CVE-2025-10044 via org.keycloak:keycloak-account-ui (>=26.3.0 <=26.3.3)

org.keycloak:keycloak-account-ui MAVEN version =26.3.0, =8.1, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.3 and more Source cves: CVE-2025-10044https://vulners.c...

EUVD-2019-0673

Malware in sbrugna...