Lucene search
+L

6 matches found

RedHat Linux
RedHat Linux
added 2026/06/25 5:36 p.m.7 views

keycloak: Keycloak: Information disclosure due to user profile permission bypass

A flaw was found in org.keycloak.services. An administrator with delegated access to read group memberships and users can bypass user profile permissions by accessing the group members endpoint. This allows the administrator to view user attributes that are explicitly configured to be denied,...

2.7CVSS5.7AI score0.00348EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/10 5:38 p.m.12 views

keycloak: Keycloak: Information disclosure due to user profile permission bypass

A flaw was found in org.keycloak.services. An administrator with delegated access to read group memberships and users can bypass user profile permissions by accessing the group members endpoint. This allows the administrator to view user attributes that are explicitly configured to be denied,...

2.7CVSS5.3AI score0.00348EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/05 7:52 a.m.48 views

CVE-2026-9088 Keycloak: keycloak: information disclosure due to user profile permission bypass

A flaw was found in org.keycloak.services. An administrator with delegated access to read group memberships and users can bypass user profile permissions by accessing the group members endpoint. This allows the administrator to view user attributes that are explicitly configured to be denied,...

2.7CVSS0.00348EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/05 7:52 a.m.8 views

CVE-2026-9088

A flaw was found in org.keycloak.services. An administrator with delegated access to read group memberships and users can bypass user profile permissions by accessing the group members endpoint. This allows the administrator to view user attributes that are explicitly configured to be denied,...

2.7CVSS5.4AI score0.00348EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/05 7:52 a.m.12 views

EUVD-2026-34790

A flaw was found in org.keycloak.services. An administrator with delegated access to read group memberships and users can bypass user profile permissions by accessing the group members endpoint. This allows the administrator to view user attributes that are explicitly configured to be denied,...

2.7CVSS5.4AI score0.00348EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 a.m.13 views

CVE-2026-9088

A flaw was found in org.keycloak.services. An administrator with delegated access to read group memberships and users can bypass user profile permissions by accessing the group members endpoint. This allows the administrator to view user attributes that are explicitly configured to be denied,...

2.7CVSS5AI score0.00348EPSS
Exploits0References3
Rows per page
Query Builder