Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Cvelist
Cvelistadded 2026/05/28 3:27 a.m.30 views

CVE-2026-9791 Keycloak-rhel9: organization data leak after feature disabled in keycloak

A flaw was found in Keycloak. An authenticated user with existing organization membership can exploit this flaw by accessing user-facing APIs, such as the account API or by requesting an OpenID Connect OIDC token with the 'organization' scope. This allows organization metadata to be disclosed in...

4.3CVSS0.00031EPSS
Exploits0References4
CVE
CVEadded 2026/05/28 3:27 a.m.34 views

CVE-2026-9791

CVE-2026-9791 describes a flaw in Keycloak where an authenticated user with existing organization membership can access user-facing APIs (e.g., the account API) or request an OpenID Connect token with the organization scope. This can lead to leakage of organization metadata in tokens even after a...

4.3CVSS5.7AI score0.00031EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichmentadded 2026/05/28 3:27 a.m.9 views

CVE-2026-9791 Keycloak-rhel9: organization data leak after feature disabled in keycloak

A flaw was found in Keycloak. An authenticated user with existing organization membership can exploit this flaw by accessing user-facing APIs, such as the account API or by requesting an OpenID Connect OIDC token with the 'organization' scope. This allows organization metadata to be disclosed in...

4.3CVSS5.7AI score0.00031EPSS
Exploits0References4
Rows per page
Query Builder