Lucene search
K

34 matches found

NVD
NVD
added 4 days ago6 views

CVE-2026-55671

ZITADEL is an open source identity management platform. From 4.0.0-rc.1 through 4.15.1, ZITADEL's HTTP notification channels, OIDC BackChannel Logout, and SAML metadata URL fetches do not consistently validate user-defined URLs against protected denylist handling, allowing server-side requests to...

2.3CVSS0.00252EPSS
Exploits0References3
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-55671 ZITADEL: Server-Side Request Forgery (SSRF) and Denylist Bypass in Outgoing HTTP Components

ZITADEL is an open source identity management platform. From 4.0.0-rc.1 through 4.15.1, ZITADEL's HTTP notification channels, OIDC BackChannel Logout, and SAML metadata URL fetches do not consistently validate user-defined URLs against protected denylist handling, allowing server-side requests to...

2.3CVSS0.00252EPSS
Exploits0References3
CVE
CVE
added 5 days ago10 views

CVE-2026-59219

Open WebUI 0.9.0–0.10.0: with Redis configured, the terminal websocket first-message authentication used decode_token without a Redis-backed is_valid_token revocation check, allowing revoked JWTs to continue authenticating realtime connections. Fixed in version 0.10.0. This affects realtime endpo...

7.1CVSS5.9AI score0.00259EPSS
Exploits1References3Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/25 5:36 p.m.4 views

org.keycloak.protocol.oidc.grants: org.keycloak.services.managers: Keycloak: Server-Side Request Forgery via OIDC token endpoint manipulation

A flaw was found in Keycloak. An authenticated attacker can perform Server-Side Request Forgery SSRF by manipulating the clientsessionhost parameter during refresh token requests. This occurs when a Keycloak client is configured to use the backchannel.logout.url with the application.session.host...

3.1CVSS5.8AI score0.00295EPSS
Exploits0References4
OSV
OSV
added 2026/06/18 1:1 p.m.6 views

GHSA-29JH-8CFQ-RR8X ZITADEL: Server-Side Request Forgery (SSRF) and Denylist Bypass in Outgoing HTTP Components

Summary A Server-Side Request Forgery SSRF vulnerability was discovered in Zitadel affecting: HTTP Notification Channels: Used as an alternative to SMTP/Twilio configurations, sending payloads to user-defined URLs via HTTP POST webhooks. OIDC BackChannel Logout: Terminates sessions across differe...

2.3CVSS6.2AI score0.00252EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.18 views

PT-2026-50740

Name of the Vulnerable Software and Affected Versions Zitadel versions 4.0.0 through 4.15.1 Zitadel versions 3.0.0 through 3.4.11 Description A Server-Side Request Forgery SSRF issue exists in components that handle outgoing HTTP requests, specifically HTTP Notification Channels, OIDC BackChannel...

2.3CVSS6AI score0.00252EPSS
Exploits0References8
OSV
OSV
added 2026/03/26 9:30 a.m.6 views

GHSA-22RM-WP4X-V5CX Keycloak Server-Side Request Forgery via OIDC token endpoint manipulation

A flaw was found in Keycloak. An authenticated attacker can perform Server-Side Request Forgery SSRF by manipulating the clientsessionhost parameter during refresh token requests. This occurs when a Keycloak client is configured to use the backchannel.logout.url with the application.session.host...

3.1CVSS5.9AI score0.00295EPSS
Exploits0References4
Snyk
Snyk
added 2026/03/26 9:30 a.m.2 views

Server-side Request Forgery (SSRF)

Overview org.keycloak:keycloak-services is an open source identity and access management solution for modern applications and services. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the clientsessionhost parameter during refresh token requests when the...

3.5CVSS5.6AI score0.00295EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/26 9:30 a.m.8 views

EUVD-2026-16142

A flaw was found in Keycloak. An authenticated attacker can perform Server-Side Request Forgery SSRF by manipulating the clientsessionhost parameter during refresh token requests. This occurs when a Keycloak client is configured to use the backchannel.logout.url with the application.session.host...

3.1CVSS5.8AI score0.00295EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/26 9:30 a.m.5 views

Keycloak Server-Side Request Forgery via OIDC token endpoint manipulation

A flaw was found in Keycloak. An authenticated attacker can perform Server-Side Request Forgery SSRF by manipulating the clientsessionhost parameter during refresh token requests. This occurs when a Keycloak client is configured to use the backchannel.logout.url with the application.session.host...

3.1CVSS5.9AI score0.00295EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/03/26 8:16 a.m.4 views

CVE-2026-4874

A flaw was found in Keycloak. An authenticated attacker can perform Server-Side Request Forgery SSRF by manipulating the clientsessionhost parameter during refresh token requests. This occurs when a Keycloak client is configured to use the backchannel.logout.url with the application.session.host...

3.1CVSS0.00295EPSS
Exploits0References6
CVE
CVE
added 2026/03/26 7:12 a.m.28 views

CVE-2026-4874

Keycloak vulnerability CVE-2026-4874 enables an authenticated attacker to perform Server-Side Request Forgery (SSRF) by manipulating the client_session_host parameter during refresh token requests when a client is configured to use backchannel.logout.url with the application.session.host placehol...

3.1CVSS5.8AI score0.00295EPSS
Exploits0References6Affected Software4
Vulnrichment
Vulnrichment
added 2026/03/26 7:12 a.m.1 views

CVE-2026-4874 Org.keycloak.protocol.oidc.grants: org.keycloak.services.managers: keycloak: server-side request forgery via oidc token endpoint manipulation

A flaw was found in Keycloak. An authenticated attacker can perform Server-Side Request Forgery SSRF by manipulating the clientsessionhost parameter during refresh token requests. This occurs when a Keycloak client is configured to use the backchannel.logout.url with the application.session.host...

3.1CVSS5.8AI score0.00295EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/03/26 7:12 a.m.33 views

CVE-2026-4874 Org.keycloak.protocol.oidc.grants: org.keycloak.services.managers: keycloak: server-side request forgery via oidc token endpoint manipulation

A flaw was found in Keycloak. An authenticated attacker can perform Server-Side Request Forgery SSRF by manipulating the clientsessionhost parameter during refresh token requests. This occurs when a Keycloak client is configured to use the backchannel.logout.url with the application.session.host...

3.1CVSS0.00295EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/03/26 7:12 a.m.3 views

CVE-2026-4874

A flaw was found in Keycloak. An authenticated attacker can perform Server-Side Request Forgery SSRF by manipulating the clientsessionhost parameter during refresh token requests. This occurs when a Keycloak client is configured to use the backchannel.logout.url with the application.session.host...

3.1CVSS5.6AI score0.00295EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.7 views

PT-2026-28224

Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description An authenticated attacker can perform Server-Side Request Forgery SSRF by manipulating the client session host parameter during refresh token requests. This is possible when a Keycloak clien...

3.1CVSS5.4AI score0.00295EPSS
Exploits0References12
Snyk
Snyk
added 2025/10/28 2:42 p.m.4 views

Session Fixation

Overview org.keycloak:keycloak-services is an open source identity and access management solution for modern applications and services. Affected versions of this package are vulnerable to Session Fixation in the backchannel logout when browser cookies are missing. An attacker using the same brows...

6CVSS7.1AI score0.00128EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-0509

Malware in sbrugna...

5.5CVSS5.5AI score0.00208EPSS
Exploits0References8
CVE
CVE
added 2025/01/14 8:36 a.m.94 views

CVE-2024-11736

CVE-2024-11736 (Keycloak) : The vulnerability arises when admins configure backchannel logout or admin URLs containing placeholders like ${env.VARNAME} or ${PROPNAME}. The server replaces these placeholders with environment variables/system properties during URL processing, potentially allowing a...

4.9CVSS5.1AI score0.00752EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/01/13 4:58 p.m.17 views

Keycloak allows unrestricted admin use of system and environment variables

A security vulnerability has been identified that allows admin users to access sensitive server environment variables and system properties through user-configurable URLs. Specifically, when configuring backchannel logout URLs or admin URLs, admin users can include placeholders like $env.VARNAME ...

4.9CVSS6.6AI score0.00752EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder