12 matches found

RedHat Linux
added 2026/04/02 1:54 p.m. (6 views)

keycloak-server: Keycloak: Improper Access Control in Admin REST API leads to information disclosure

A flaw was found in the Keycloak Admin REST API. This vulnerability allows the exposure of backend schema and rules, potentially leading to targeted attacks or privilege escalation via improper access control...

CVSS 2.7, AI score 5.8, EPSS 0.00009
Exploits: 0, References: 4

OSV
added 2026/01/21 3:31 p.m. (3 views)

GHSA-594W-2FWP-JWRC Keycloak Admin REST API exposes backend schema and rules

A flaw was found in the Keycloak Admin REST API. This vulnerability allows the exposure of backend schema and rules, potentially leading to targeted attacks or privilege escalation via improper access control...

CVSS 2.7, AI score 5.8, EPSS 0.00009
Exploits: 0, References: 7

Github Security Blog
added 2026/01/21 3:31 p.m. (4 views)

Keycloak Admin REST API exposes backend schema and rules

A flaw was found in the Keycloak Admin REST API. This vulnerability allows the exposure of backend schema and rules, potentially leading to targeted attacks or privilege escalation via improper access control...

CVSS 2.7, AI score 5.4, EPSS 0.00009
Exploits: 0, References: 7, Affected Software: 1

NVD
added 2026/01/21 1:16 p.m. (8 views)

CVE-2025-14083

A flaw was found in the Keycloak Admin REST API. This vulnerability allows the exposure of backend schema and rules, potentially leading to targeted attacks or privilege escalation via improper access control...

CVSS 2.7, EPSS 0.00009
Exploits: 0, References: 4

CVE
added 2026/01/21 12:4 p.m. (13 views)

CVE-2025-14083

CVE-2025-14083 concerns the Keycloak Admin REST API, where an improper access-control flaw allows exposure of backend schema and rules. Affected component: Keycloak Admin REST API; consequence: potential information disclosure and targeted privilege-escalation paths via exposed internal configura...

CVSS 2.7, AI score 5.4, EPSS 0.00009
Exploits: 0, References: 4

EUVD
added 2026/01/21 12:4 p.m. (5 views)

EUVD-2026-3683

A flaw was found in the Keycloak Admin REST API. This vulnerability allows the exposure of backend schema and rules, potentially leading to targeted attacks or privilege escalation via improper access control...

CVSS 2.7, AI score 5.4, EPSS 0.00009
Exploits: 0, References: 3

ATTACKERKB
added 2026/01/21 12:4 p.m. (2 views)

CVE-2025-14083

A flaw was found in the Keycloak Admin REST API. This vulnerability allows the exposure of backend schema and rules, potentially leading to targeted attacks or privilege escalation via improper access control...

CVSS 2.7, AI score 5.3, EPSS 0.00009
Exploits: 0, References: 5

Vulnrichment
added 2026/01/21 12:4 p.m. (3 views)

CVE-2025-14083 Keycloak-server: keycloak: improper access control in admin rest api leads to information disclosure

A flaw was found in the Keycloak Admin REST API. This vulnerability allows the exposure of backend schema and rules, potentially leading to targeted attacks or privilege escalation via improper access control...

CVSS 2.7, AI score 5.4, EPSS 0.00009
Exploits: 0, References: 4

Cvelist
added 2026/01/21 12:4 p.m. (17 views)

CVE-2025-14083 Keycloak-server: keycloak: improper access control in admin rest api leads to information disclosure

A flaw was found in the Keycloak Admin REST API. This vulnerability allows the exposure of backend schema and rules, potentially leading to targeted attacks or privilege escalation via improper access control...

CVSS 2.7, EPSS 0.00009
Exploits: 0, References: 4

Positive Technologies
added 2026/01/21 12:0 a.m. (6 views)

PT-2026-3762

A flaw was found in the Keycloak Admin REST API. This vulnerability allows the exposure of backend schema and rules, potentially leading to targeted attacks or privilege escalation via improper access control...

CVSS 2.7, AI score 5.4, EPSS 0.00009
Exploits: 0, References: 3

Hacker One
added 2020/08/28 5:23 a.m. (119 views)

New Relic: Getting API access key Through Introspection query Graphql

The introspection query should only be allowed internally and should not be allowed to the general public. If we can fetch the entire back-end API documentation and calls available on a server then that can be very dangerous in many cases. What if we could get our hands on some API calls only mean...

AI score 6.6
Exploits: 0

Hacker One
added 2017/11/18 4:58 p.m. (970 views)

HackerOne: Introspection query leaks sensitive graphql system information.

Summary: Introspection query leaks sensitive data. Introduction: As we know, GraphQL was initially developed and used by Facebook as an internal query language and so the features of GraphQL mostly revolve around internal and development areas. GraphQL executes queries using a type system with the...

AI score 6.5
Exploits: 0