6 matches found
EUVD-2026-39476
A flaw was found in Keycloak. A realm administrator with the "manage-realm" role can exploit this vulnerability by submitting an arbitrary filesystem path as a keystore parameter when creating a key provider component. This allows the administrator to probe arbitrary filesystem paths, determining...
CVE-2026-9083
A flaw was found in Keycloak. A realm administrator with the "manage-realm" role can exploit this vulnerability by submitting an arbitrary filesystem path as a keystore parameter when creating a key provider component. This allows the administrator to probe arbitrary filesystem paths, determining...
CVE-2026-9083 Keycloak: keycloak: information disclosure through arbitrary filesystem path probing
A flaw was found in Keycloak. A realm administrator with the "manage-realm" role can exploit this vulnerability by submitting an arbitrary filesystem path as a keystore parameter when creating a key provider component. This allows the administrator to probe arbitrary filesystem paths, determining...
CVE-2026-9083
CVE-2026-9083 (Keycloak) : A flaw allows a realm administrator with the manage-realm role to submit an arbitrary filesystem path as a keystore parameter when creating a key provider component, enabling probing of arbitrary filesystem paths and disclosure of files readable by the Keycloak process....
CVE-2026-9083
A flaw was found in Keycloak. A realm administrator with the "manage-realm" role can exploit this vulnerability by submitting an arbitrary filesystem path as a keystore parameter when creating a key provider component. This allows the administrator to probe arbitrary filesystem paths, determining...
CVE-2026-9083
A flaw was found in Keycloak. A realm administrator with the "manage-realm" role can exploit this vulnerability by submitting an arbitrary filesystem path as a keystore parameter when creating a key provider component. This allows the administrator to probe arbitrary filesystem paths, determining...