CVE-2026-16089
The CVE-2026-16089 entry describes a vulnerability in Red Hat Build of Keycloak’s keycloak-services, where OAuth 2.0 authorization codes are not properly bound to the client that requested them. If an attacker can intercept an authorization code, they can modify it to be redeemed by their own cli...