Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
RedhatKeycloak-

3 matches found

CVE
CVEadded 2025/07/10 3:15 p.m.22 views

CVE-2025-7365

A flaw was found in Keycloak. When an authenticated attacker attempts to merge accounts with another existing account during an identity provider (IdP) login, the attacker will subsequently be prompted to "review profile" information. This vulnerability allows the attacker to modify their email add...

7.1CVSS6.2AI score0.00007EPSS
CVE
CVEadded 2025/06/20 4:15 p.m.13 views

CVE-2025-5416

A vulnerability has been identified in Keycloak that could lead to unauthorized information disclosure. While it requires an already authenticated user, the /admin/serverinfo endpoint can inadvertently provide sensitive environment information.

2.7CVSS6.2AI score0.00032EPSS
CVE
CVEadded 2025/08/06 5:15 p.m.7 views

CVE-2025-8419

A vulnerability was found in Keycloak-services. Special characters used during e-mail registration may perform SMTP Injection and unexpectedly send short unwanted e-mails. The email is limited to 64 characters (limited local part of the email), so the attack is limited to very shorts emails (subjec...

6.5CVSS6.4AI score0.00043EPSS