Lucene search
K

8 matches found

NVD
NVD
added last week9 views

CVE-2026-4629

A flaw was found in Keycloak. A highly privileged user with manage-clients permission can exploit this vulnerability by injecting a hardcoded role mapper into any client. This action allows the user to bypass existing scope restrictions and inject the realm-admin role into generated tokens,...

6.5CVSS0.0024EPSS
Exploits1References2
CVE
CVE
added 2026/06/25 4:16 p.m.26 views

CVE-2026-9099

Keycloak contains a flaw in GroupResource.addChild() in the Admin REST API where missing authorization allows an authenticated user with limited admin privileges to reparent any group. Under FGAPv2, a manager of a low-privilege group can reparent a highly privileged group (e.g., realm-admin) unde...

7.7CVSS5.8AI score0.00288EPSS
Exploits0References7Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/08 11:44 a.m.9 views

CVE-2026-11577

...

5.9AI score0.00329EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/28 4:27 a.m.36 views

CVE-2026-9796 Keycloak: keycloak: privilege escalation via time-of-check to time-of-use (toctou) vulnerability

A flaw was found in Keycloak. An authenticated administrator with the manage-clients role can exploit a Time-of-check to time-of-use TOCTOU vulnerability in the name-based admin role checks. This allows the attacker to escalate their privileges to realm-admin for all users within the realm,...

6.5CVSS0.00186EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/28 4:27 a.m.9 views

CVE-2026-9796

A flaw was found in Keycloak. An authenticated administrator with the manage-clients role can exploit a Time-of-check to time-of-use TOCTOU vulnerability in the name-based admin role checks. This allows the attacker to escalate their privileges to realm-admin for all users within the realm,...

6.5CVSS5.7AI score0.00186EPSS
Exploits0References3
NVD
NVD
added 2025/11/25 4:16 p.m.7 views

CVE-2025-13467

A flaw was found in the Keycloak LDAP User Federation provider. This vulnerability allows an authenticated realm administrator to trigger deserialization of untrusted Java objects via a malicious LDAP server configuration...

5.5CVSS0.00399EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/11/25 4:2 p.m.9 views

CVE-2025-13467

A flaw was found in the Keycloak LDAP User Federation provider. This vulnerability allows an authenticated realm administrator to trigger deserialization of untrusted Java objects via a malicious LDAP server configuration. Mitigation Mitigation for this issue is either not available or the...

5.5CVSS6AI score0.00399EPSS
Exploits0References5
OSV
OSV
added 2025/07/30 1:17 p.m.3 views

GHSA-27GP-8389-HM4W Keycloak Privilege Escalation Vulnerability in Admin Console (FGAPv2 Enabled)

A Privilege Escalation vulnerability was identified in the Keycloak identity and access management solution, specifically when FGAPv2 is enabled in version 26.2.x. The flaw lies in the admin permission enforcement logic, where a user with manage-users privileges can self-assign realm-admin rights...

6.5CVSS6.9AI score0.00368EPSS
Exploits0References9
Rows per page
Query Builder