3 matches found
EUVD-2026-45223
A flaw was found in the default-groups REST endpoint and realm representation of Keycloak. This component is responsible for managing groups that are automatically assigned to new users within a realm. The issue allows a delegated administrator with realm-viewing permissions to see the names and...
CVE-2026-16108
The CVE-2026-16108 issue affects Keycloak’s default-groups REST endpoint and realm representation. It allows a delegated administrator with realm-viewing permissions to disclose the names and identifiers of hidden default groups that they should not be able to view, potentially exposing internal ...
CVE-2026-16108 Keycloak-services: keycloak-services: realm default-group reads disclose hidden groups under fgap v2
A flaw was found in the default-groups REST endpoint and realm representation of Keycloak. This component is responsible for managing groups that are automatically assigned to new users within a realm. The issue allows a delegated administrator with realm-viewing permissions to see the names and...