CVE-2025-11429
CVE-2025-11429 (Keycloak) is a session-management logic flaw in which sessions created with the realm’s Remember Me setting stay valid beyond a recent realm-level security change. The vulnerability stems from how Keycloak’s expiration logic relies on the per-session remember-me flag without validat...