2 matches found
CVE-2025-7365
A flaw was found in Keycloak. When an authenticated attacker attempts to merge accounts with another existing account during an identity provider IdP login, the attacker will subsequently be prompted to "review profile" information. This vulnerability allows the attacker to modify their email...
PT-2025-29098
Name of the Vulnerable Software and Affected Versions: Keycloak affected versions not specified Description: A flaw exists in Keycloak that allows an authenticated attacker to potentially gain access to a victim's account. During an identity provider IdP login, if an attacker attempts to merge...