ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17) +191 more potentially affected by CVE-2026-4325 via org.keycloak:keycloak-services (>=10.0.0 <=26.5.6)

org.keycloak:keycloak-services MAVEN version =10.0.0, =0.1.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.4.11 - com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak =24.3.0.0 -...

com.github.vzakharchenko:chillispot-radius-plugin (>=1.2.6 <=1.4.11), com.github.vzakharchenko:cisco-radius-plugin (>=1.2.5 <=1.4.11) +72 more potentially affected by CVE-2026-3190 via org.keycloak:keycloak-model-jpa (>=10.0.0 <=26.5.5)

org.keycloak:keycloak-model-jpa MAVEN version =10.0.0, =1.2.6, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =5.1.0-26.1, =2.5.6-24.0, =2.0.6, =15.0.0.1 and more Source cves: CVE-2026-3190 Source advisory: OSV:GHSA-Q35R-VVHV-VX5H...

ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17) +191 more potentially affected by CVE-2026-3429 via org.keycloak:keycloak-services (>=10.0.0 <=26.5.6)

org.keycloak:keycloak-services MAVEN version =10.0.0, =0.1.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.4.11 - com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak =24.3.0.0 -...

ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.github.vzakharchenko:chillispot-radius-plugin (>=1.2.6 <=1.4.11) +51 more potentially affected by CVE-2025-14082 via org.keycloak:keycloak-model-infinispan (>=10.0.0 <=26.4.7)

org.keycloak:keycloak-model-infinispan MAVEN version =10.0.0, =0.1.0, =1.2.6, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =2.0.1-23.0, =2.5.6-24.0, =0.1.0, =1.0.0 and more Source cves: CVE-2025-14082 Source advisory: SNYK:JAVA-ORGKEYCLOAK-14361675...

Buffer overflow in the rc_mksid function in plugins/radius/util.c in Paul's PPP Package (ppp) 2.4.6 and earlier, when the PID for pppd is greater than 65535, allows remote attackers to cause a denial of service (crash) via a start accounting message to the RADIUS server.

...

com.github.vzakharchenko:chillispot-radius-plugin (>=1.3.2 <=1.4.11), com.github.vzakharchenko:cisco-radius-plugin (>=1.3.2 <=1.4.11) +34 more potentially affected by CVE-2025-0604 via org.keycloak:keycloak-ldap-federation (>=10.0.0 <=26.0.1)

org.keycloak:keycloak-ldap-federation MAVEN version =10.0.0, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =2.5.6-24.0, =0.1.0, =0.2, =1.0.0, =1.1.0 and more Source cves: CVE-2025-0604 Source advisory: OSV:GHSA-2P82-5WWR-43CW...

com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17), com.charlyghislain.keycloak:keycloak-importexport (>=11.0.1 <=23.0.1) +128 more potentially affected by CVE-2024-4540 via org.keycloak:keycloak-services (>=10.0.0 <=24.0.4)

org.keycloak:keycloak-services MAVEN version =10.0.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.0.1, =4.0, =4.17 and more Source cves: CVE-2024-4540 Source advisory: OSV:GHSA-69FP-7C8P-CRJR...

com.github.vzakharchenko:chillispot-radius-plugin (>=1.3.2 <=1.4.11), com.github.vzakharchenko:cisco-radius-plugin (>=1.3.2 <=1.4.11) +28 more potentially affected by CVE-2022-2232 via org.keycloak:keycloak-ldap-federation (>=10.0.0 <=23.0.0)

org.keycloak:keycloak-ldap-federation MAVEN version =10.0.0, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =0.1.0, =0.2, =1.0.0, =12.0.0, =1.0-beta-4, =18.0.0, =23.0.0 and more Source cves: CVE-2022-2232 Source advisory: OSV:GHSA-8HC5-RMGF-QX6P...

com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17), com.charlyghislain.keycloak:keycloak-importexport (>=11.0.1 <=19.0.0) +93 more potentially affected by CVE-2023-0264 via org.keycloak:keycloak-services (>=10.0.0 <=21.0.0)

org.keycloak:keycloak-services MAVEN version =10.0.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =4.0, =1.1.1, =0.3.0-20.0.1, =0.10.0-20.0.5 and more Source cves: CVE-2023-0264 Source advisory: OSV:GHSA-9G98-5MJ6-F9MV...

com.buession.cas:buession-cas-ticket (>=2.3.0 <=2.3.2), com.buession.cas:buession-cas-ticket-infinispan (>=2.3.0 <=2.3.2) +525 more potentially affected by CVE-2021-3642 via org.wildfly.security:wildfly-elytron (>=1.11.0.CR1 <=1.15.4.Final)

org.wildfly.security:wildfly-elytron MAVEN version =1.11.0.CR1, =2.3.0, =2.3.0, =2.3.0, =0.8.0, =1.2.6, =1.2.6, =1.2.6, =1.2.6, =1.2.6, =1.2.6, =1.2.6, =1.2.6, =1.2.6, =2.0.20, =0.12, =1.0 and more Source cves: CVE-2021-3642 Source advisory: OSV:GHSA-5499-QJVH-6J7W...

com.github.vzakharchenko:cisco-radius-plugin (=1.2.5), com.github.vzakharchenko:keycloak-plugins (>=1.2.4 <=1.2.5) +126 more potentially affected by CVE-2020-1714 via org.keycloak:keycloak-core (>=10.0.0 <=10.0.2)

org.keycloak:keycloak-core MAVEN version =10.0.0, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.0.0, =2.0.6, =2.0.6, =2.0.6, =2.0.6, =2.0.6, =2.0.7 and more Source cves: CVE-2020-1714 Source advisory: OSV:GHSA-M6MM-Q862-J366...

com.charlyghislain.keycloak:keycloak-importexport (>=11.0.1 <=11.0.2), com.github.vzakharchenko:chillispot-radius-plugin (=1.2.6) +186 more potentially affected by CVE-2020-14389 via org.keycloak:keycloak-core (>=10.0.0 <=11.0.3)

org.keycloak:keycloak-core MAVEN version =10.0.0, =11.0.1, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =5.0.0, =5.0.0, =5.0.0, =5.2.0, =5.2.1 and more Source cves: CVE-2020-14389 Source advisory: OSV:GHSA-C9X9-XV66-XP3V...