4265 matches found

Cvelist
added 2026/06/25 4:16 p.m., 33 views

CVE-2026-9800 Keycloak-policy-enforcer: keycloak policy enforcer: authorization bypass via incorrect uri comparison

A flaw was found in Keycloak Policy Enforcer. This vulnerability allows any authenticated user to bypass all authorization policies, including role, scope, and User-Managed Access (UMA) permission checks. By including the configured access-denied page path within a request URL, either as a path...

CVSS 8.1, EPSS 0.00301
Exploits: 0, References: 6
ATTACKERKB
added 2026/06/25 4:16 p.m., 5 views

CVE-2026-9800

A flaw was found in Keycloak Policy Enforcer. This vulnerability allows any authenticated user to bypass all authorization policies, including role, scope, and User-Managed Access (UMA) permission checks. By including the configured access-denied page path within a request URL, either as a path...

CVSS 8.1, AI score 5.8, EPSS 0.00301
Exploits: 0, References: 7
EUVD
added 2026/06/25 4:16 p.m., 4 views

EUVD-2026-39471

A flaw was found in Keycloak Policy Enforcer. This vulnerability allows any authenticated user to bypass all authorization policies, including role, scope, and User-Managed Access (UMA) permission checks. By including the configured access-denied page path within a request URL, either as a path...

CVSS 8.1, AI score 5.8, EPSS 0.00301
Exploits: 0, References: 4
RedhatCVE
added 2026/06/25 4:2 p.m., 4 views

CVE-2026-9799

A flaw was found in org.keycloak.authorization. An authenticated user with a granted User-Managed Access (UMA) permission ticket for one resource can exploit this by using a specific permission request prefix to bypass per-resource access control. This allows the user to gain unauthorized access to...

CVSS 4.6, AI score 5.8, EPSS 0.00166
Exploits: 0, References: 3
RedhatCVE
added 2026/06/25 4:2 p.m., 6 views

CVE-2026-9705

A flaw was found in Keycloak's client registration service. A remote attacker, possessing a previously issued Registration Access Token (RAT), could exploit this vulnerability to re-enable a client that an administrator had explicitly disabled. This bypasses security controls, allowing the attacker...

CVSS 6.5, AI score 5.9, EPSS 0.00267
Exploits: 0, References: 3
RedhatCVE
added 2026/06/25 4:1 p.m., 5 views

CVE-2026-9099

A flaw was found in Keycloak. A missing authorization check in the GroupResource.addChild endpoint within the Admin REST API allows an authenticated user with limited administrative privileges to reparent any existing group. When Fine-Grained Admin Permissions v2 (FGAPv2) is enabled, an attacker wi...

CVSS 7.7, AI score 5.9, EPSS 0.00288
Exploits: 0, References: 3
RedhatCVE
added 2026/06/25 4:1 p.m., 10 views

CVE-2026-9086

A flaw was found in Keycloak. A remote attacker with administrative privileges, specifically those with manage-client permission or access to client registration endpoints, could bypass client Uniform Resource Identifier (URI) validation. This is achieved by registering a malicious client with a...

CVSS 7.3, AI score 6.5, EPSS 0.00419
Exploits: 0, References: 3
RedhatCVE
added 2026/06/25 4:1 p.m., 4 views

CVE-2026-9800

A flaw was found in Keycloak Policy Enforcer. This vulnerability allows any authenticated user to bypass all authorization policies, including role, scope, and User-Managed Access (UMA) permission checks. By including the configured access-denied page path within a request URL, either as a path...

CVSS 8.1, AI score 5.7, EPSS 0.00301
Exploits: 0, References: 3
Chainguard
added 2026/06/25 2:16 a.m., 10 views

CVE-2026-54517 vulnerabilities

Vulnerabilities for packages: apache-tika, spark, nacos-docker, nextflow, cassandra, scala, pinot, keycloak-fips, solr, kafka-fips, keycloak, confluent-kafka, apache-camel-karavan-devmode, apache-activemq-fips, logstash-fips, neo4j, nuxeo, druid, logstash, spark-kubernetes-operator,...

CVSS 5.3, AI score 5.9, EPSS 0.00237
Exploits: 0
Chainguard
added 2026/06/25 2:16 a.m., 5 views

GHSA-RCQC-6CW3-H962 vulnerabilities

Vulnerabilities for packages: apache-tika, spark, nacos-docker, nextflow, cassandra, scala, pinot, keycloak-fips, solr, kafka-fips, keycloak, confluent-kafka, apache-camel-karavan-devmode, apache-activemq-fips, logstash-fips, neo4j, nuxeo, druid, logstash, spark-kubernetes-operator,...

AI score 5.9
Exploits: 0
Chainguard
added 2026/06/25 2:16 a.m., 9 views

GHSA-9FXM-VC8V-HJ55 vulnerabilities

Vulnerabilities for packages: apache-tika, spark, nacos-docker, nextflow, cassandra, scala, pinot, keycloak-fips, solr, kafka-fips, keycloak, confluent-kafka, apache-camel-karavan-devmode, apache-activemq-fips, logstash-fips, neo4j, nuxeo, druid, logstash, spark-kubernetes-operator,...

AI score 5.9
Exploits: 0
Chainguard
added 2026/06/25 2:16 a.m., 8 views

CVE-2026-54513 vulnerabilities

Vulnerabilities for packages: confluent-common-docker, spark, apache-pulsar, pinot, keycloak, confluent-kafka, logstash-fips, nuxeo, apache-hop, elasticsearch-fips, flyway-fips, airbyte-server, infinispan, wavefront-proxy, kafka-bridge, ruby4.0-jrjackson, apache-tomee, hadoop-client-modules,...

CVSS 8.1, AI score 5.9, EPSS 0.00677
Exploits: 0
Chainguard
added 2026/06/25 2:16 a.m., 11 views

CVE-2026-54512 vulnerabilities

Vulnerabilities for packages: confluent-common-docker, spark, apache-pulsar, pinot, keycloak, confluent-kafka, logstash-fips, nuxeo, apache-hop, elasticsearch-fips, flyway-fips, airbyte-server, infinispan, wavefront-proxy, kafka-bridge, ruby4.0-jrjackson, apache-tomee, hadoop-client-modules,...

CVSS 8.1, AI score 5.9, EPSS 0.00617
Exploits: 1
Chainguard
added 2026/06/25 2:16 a.m., 13 views

CVE-2026-54514 vulnerabilities

Vulnerabilities for packages: confluent-common-docker, spark, apache-pulsar, pinot, keycloak, confluent-kafka, logstash-fips, nuxeo, apache-hop, elasticsearch-fips, flyway-fips, airbyte-server, infinispan, wavefront-proxy, kafka-bridge, ruby4.0-jrjackson, apache-tomee, hadoop-client-modules,...

CVSS 5.3, AI score 5.9, EPSS 0.00219
Exploits: 0
Chainguard
added 2026/06/25 2:16 a.m., 8 views

GHSA-5HH8-Q8HV-FR38 vulnerabilities

Vulnerabilities for packages: apache-tika, spark, nacos-docker, nextflow, cassandra, scala, pinot, keycloak-fips, solr, kafka-fips, keycloak, confluent-kafka, apache-camel-karavan-devmode, apache-activemq-fips, logstash-fips, neo4j, nuxeo, druid, logstash, spark-kubernetes-operator,...

AI score 5.9
Exploits: 0
Chainguard
added 2026/06/25 2:16 a.m., 8 views

GHSA-J3RV-43J4-C7QM vulnerabilities

Vulnerabilities for packages: confluent-common-docker, spark, apache-pulsar, pinot, keycloak, confluent-kafka, logstash-fips, nuxeo, apache-hop, elasticsearch-fips, flyway-fips, airbyte-server, infinispan, wavefront-proxy, kafka-bridge, ruby4.0-jrjackson, apache-tomee, hadoop-client-modules,...

AI score 5.9
Exploits: 0
Chainguard
added 2026/06/25 2:16 a.m., 13 views

GHSA-HGJ6-7826-R7M5 vulnerabilities

Vulnerabilities for packages: confluent-common-docker, spark, apache-pulsar, pinot, keycloak, confluent-kafka, logstash-fips, nuxeo, apache-hop, elasticsearch-fips, flyway-fips, airbyte-server, infinispan, wavefront-proxy, kafka-bridge, ruby4.0-jrjackson, apache-tomee, hadoop-client-modules,...

AI score 5.9
Exploits: 0
Chainguard
added 2026/06/25 2:16 a.m., 13 views

CVE-2026-54516 vulnerabilities

Vulnerabilities for packages: apache-tika, spark, nacos-docker, nextflow, cassandra, scala, pinot, keycloak-fips, solr, kafka-fips, keycloak, confluent-kafka, apache-camel-karavan-devmode, apache-activemq-fips, logstash-fips, neo4j, nuxeo, druid, logstash, spark-kubernetes-operator,...

CVSS 5.3, AI score 5.9, EPSS 0.00282
Exploits: 0
Chainguard
added 2026/06/25 2:16 a.m., 7 views

CVE-2026-54518 vulnerabilities

Vulnerabilities for packages: apache-tika, spark, nacos-docker, nextflow, cassandra, scala, pinot, keycloak-fips, solr, kafka-fips, keycloak, confluent-kafka, apache-camel-karavan-devmode, apache-activemq-fips, logstash-fips, neo4j, nuxeo, druid, logstash, spark-kubernetes-operator,...

CVSS 6.5, AI score 5.9, EPSS 0.00211
Exploits: 0
Chainguard
added 2026/06/25 2:16 a.m., 8 views

GHSA-RMJ7-2VXQ-3G9F vulnerabilities

Vulnerabilities for packages: confluent-common-docker, spark, apache-pulsar, pinot, keycloak, confluent-kafka, logstash-fips, nuxeo, apache-hop, elasticsearch-fips, flyway-fips, airbyte-server, infinispan, wavefront-proxy, kafka-bridge, ruby4.0-jrjackson, apache-tomee, hadoop-client-modules,...

AI score 5.9
Exploits: 0