CVE-2026-46389 UDS Identity Config has a client authentication bypass in `ClientIdAndKubernetesSecretAuthenticator`

UDS Identity Config builds the Keycloak configuration image realm, plugins, theme, truststore, JARs consumed by UDS Core's Identity deployment. In versions 0.11.0 through 0.26.0, a logic error in the client-kubernetes-secret Keycloak client authenticator shipped by uds-identity-config and consume...

DuoUniversalKeycloakAuthenticator Security Vulnerability

DuoUniversalKeycloakAuthenticator is a Keycloak authenticator by Michael Kelly Personal Developer. A security vulnerability exists in DuoUniversalKeycloakAuthenticator version 1.0.7, which stems from the presence of an information disclosure vulnerability, where a specially crafted HTTP request...

CVE-2023-1477

Improper Authentication vulnerability in HYPR Keycloak Authenticator Extension allows Authentication Abuse.This issue affects HYPR Keycloak Authenticator Extension: before 7.10.2, before 8.0.3...

HYPR 授权问题漏洞

HYPR is a security application from HYPR that implements a passwordless... A security vulnerability exists in HYPR Keycloak Authenticator Extension that stems from incorrect authentication...