Red Hat Build Keycloak


By the Year

In 2026 there have been 37 vulnerabilities in Red Hat Build Keycloak with an average score of 5.3 out of ten. Last year, in 2025, Build Keycloak had 27 security vulnerabilities published. That is, 10 more vulnerabilities have already been reported in 2026 than in all of last year. Last year, the average CVE base score was greater by 0.30.

Year  Vulnerabilities  Average Score
2026  37               5.33
2025  27               5.63
2024  38               6.24
2023  3                5.63

It may take a day or so for new Build Keycloak vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Red Hat Build Keycloak Security Vulnerabilities

Keycloak CORS Header Injection in UMA Token Endpoint via Unsigned azp Claim
CVE-2026-37977 3.7 - Low - April 06, 2026

A flaw was found in Keycloak. A remote attacker can exploit a Cross-Origin Resource Sharing (CORS) header injection vulnerability in Keycloak's User-Managed Access (UMA) token endpoint. This flaw occurs because the `azp` claim from a client-supplied JSON Web Token (JWT) is used to set the `Access-Control-Allow-Origin` header before the JWT signature is validated. When a specially crafted JWT with an attacker-controlled `azp` value is processed, this value is reflected as the CORS origin, even if the grant is later rejected. This can lead to the exposure of low-sensitivity information from authorization server error responses, weakening origin isolation, but only when a target client is misconfigured with `webOrigins: ["*"]`.

Origin Validation Error

Keycloak uma_protection role: UMA policy bypass to access others' resources
CVE-2026-4636 8.1 - High - April 02, 2026

A flaw was found in Keycloak. An authenticated user with the uma_protection role can bypass User-Managed Access (UMA) policy validation. This allows the attacker to include resource identifiers owned by other users in a policy creation request, even if the URL path specifies an attacker-owned resource. Consequently, the attacker gains unauthorized permissions to victim-owned resources, enabling them to obtain a Requesting Party Token (RPT) and access sensitive information or perform unauthorized actions.

Incorrect Behavior Order: Authorization Before Parsing and Canonicalization

Keycloak OIDC Token Endpoint DoS via Excessively Long Scope Parameter
CVE-2026-4634 7.5 - High - April 02, 2026

A flaw was found in Keycloak. An unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST request with an excessively long scope parameter to the OpenID Connect (OIDC) token endpoint. This leads to high resource consumption and prolonged processing times, ultimately resulting in a Denial of Service (DoS) for the Keycloak server.

Excessive Platform Resource Consumption within a Loop

Keycloak SingleUseObjectProvider Lacks Isolation, Enabling Token Replay
CVE-2026-4325 5.3 - Medium - April 02, 2026

A flaw was found in Keycloak. The SingleUseObjectProvider, a global key-value store, lacks proper type and namespace isolation. This vulnerability allows an attacker to delete arbitrary single-use entries, which can enable the replay of consumed action tokens, such as password reset links. This could lead to unauthorized access or account compromise.

Separation of Privilege

Keycloak: SingleUseObjectProvider Lacks Isolation, Enabling Unauth Code Forgery
CVE-2026-4282 7.4 - High - April 02, 2026

A flaw was found in Keycloak. The SingleUseObjectProvider, a global key-value store, lacks proper type and namespace isolation. This vulnerability allows an unauthenticated attacker to forge authorization codes. Successful exploitation can lead to the creation of admin-capable access tokens, resulting in privilege escalation.

Separation of Privilege

Keycloak Redirect URI Wildcard Bypass Leads to Token Theft
CVE-2026-3872 7.3 - High - April 02, 2026

A flaw was found in Keycloak. This issue allows an attacker, who controls another path on the same web server, to bypass the allowed path in redirect Uniform Resource Identifiers (URIs) that use a wildcard. A successful attack may lead to the theft of an access token, resulting in information disclosure.

Open Redirect

Keycloak Priv Escalation via Misconfigured manage-clients as manage-permissions
CVE-2026-3121 6.5 - Medium - March 26, 2026

A flaw was found in Keycloak. An administrator with `manage-clients` permission can exploit a misconfiguration where this permission is equivalent to `manage-permissions`. This allows the administrator to escalate privileges and gain control over roles, users, or other administrative functions within the realm. This privilege escalation can occur when admin permissions are enabled at the realm level.

Incorrect Privilege Assignment

Keycloak UMA Permission Ticket Enum - CVE-2026-3190
CVE-2026-3190 4.3 - Medium - March 26, 2026

A flaw was found in Keycloak. The User-Managed Access (UMA) 2.0 Protection API endpoint for permission tickets fails to enforce the `uma_protection` role check. This allows any authenticated user with a token issued for a resource server client, even without the `uma_protection` role, to enumerate all permission tickets in the system. This vulnerability leads to partial information disclosure.

Improper Handling of Insufficient Permissions or Privileges

Keycloak SSRF via client_session_host in Refresh Token
CVE-2026-4874 3.1 - Low - March 26, 2026

A flaw was found in Keycloak. An authenticated attacker can perform Server-Side Request Forgery (SSRF) by manipulating the `client_session_host` parameter during refresh token requests. This occurs when a Keycloak client is configured to use the `backchannel.logout.url` with the `application.session.host` placeholder. Successful exploitation allows the attacker to make HTTP requests from the Keycloak server's network context, potentially probing internal networks or internal APIs, leading to information disclosure.

SSRF

Keycloak ID First Login Error Message CVE-2026-4633: User Enumeration
CVE-2026-4633 3.7 - Low - March 23, 2026

A flaw was found in Keycloak. A remote attacker can exploit differential error messages during the identity-first login flow when Organizations are enabled. This vulnerability allows an attacker to determine the existence of users, leading to information disclosure through user enumeration.

Generation of Error Message Containing Sensitive Information

Keycloak UMA resource_set Endpoint: Access Control Bypass via PUT
CVE-2026-4628 4.3 - Medium - March 23, 2026

A flaw was found in Keycloak. An improper access control vulnerability in Keycloak's User-Managed Access (UMA) resource_set endpoint allows attackers with valid credentials to bypass the allowRemoteResourceManagement=false restriction. This occurs due to incomplete enforcement of access control checks on PUT operations to the resource_set endpoint. This issue enables unauthorized modification of protected resources, impacting data integrity.

Authorization

Keycloak Improper HTTP Redirect Handling leads to Info Disclosure
CVE-2026-4366 5.8 - Medium - March 18, 2026

A flaw was identified in Keycloak, an identity and access management solution, where it improperly follows HTTP redirects when processing certain client configuration requests. This behavior allows an attacker to trick the server into making unintended requests to internal or restricted resources. As a result, sensitive internal services such as cloud metadata endpoints could be accessed. This issue may lead to information disclosure and enable attackers to map internal network infrastructure.

SSRF

Keycloak DoS via max SAMLRequest over SAML Redirect Binding
CVE-2026-2575 5.3 - Medium - March 18, 2026

A flaw was found in Keycloak. An unauthenticated remote attacker can trigger an application-level Denial of Service (DoS) by sending a highly compressed SAMLRequest through the SAML Redirect Binding. The server fails to enforce size limits during DEFLATE decompression, leading to an OutOfMemoryError (OOM) and subsequent process termination. This vulnerability allows an attacker to disrupt the availability of the service.

Data Amplification

Keycloak SAML Endpoint Bypass via Crafted IdP Response
CVE-2026-2603 8.1 - High - March 18, 2026

A flaw was found in Keycloak. A remote attacker could bypass security controls by sending a valid SAML response from an external Identity Provider (IdP) to the Keycloak SAML endpoint for IdP-initiated broker logins. This allows the attacker to complete broker logins even when the SAML Identity Provider is disabled, leading to unauthorized authentication.

Missing Authentication for Critical Function

Keycloak SAML Broker Unvalidated Encrypted Assertion Attack
CVE-2026-2092 7.7 - High - March 18, 2026

A flaw was found in Keycloak. Keycloak's Security Assertion Markup Language (SAML) broker endpoint does not properly validate encrypted assertions when the overall SAML response is not signed. An attacker with a valid signed SAML assertion can exploit this by crafting a malicious SAML response. This allows the attacker to inject an encrypted assertion for an arbitrary principal, leading to unauthorized access and potential information disclosure.

Improper Validation of Specified Type of Input

Keycloak Admin API Auth Bypass: Org Membership Enumeration
CVE-2026-2366 3.1 - Low - March 12, 2026

A flaw was found in Keycloak. An authorization bypass vulnerability in the Keycloak Admin API allows any authenticated user, even those without administrative privileges, to enumerate the organization memberships of other users. This information disclosure occurs if the attacker knows the victim's unique identifier (UUID) and the Organizations feature is enabled.

Insecure Direct Object Reference / IDOR

Keycloak REST API Privilege Escalation via MFA Credential Delete
CVE-2026-3429 4.2 - Medium - March 11, 2026

A flaw was identified in the Account REST API of Keycloak that allows a user authenticated at a lower security level to perform sensitive actions intended only for higher-assurance sessions. Specifically, an attacker who has already obtained a victim's password can delete the victim's registered MFA/OTP credential without first proving possession of that factor. The attacker can then register their own MFA device, effectively taking full control of the account. This weakness undermines the intended protection provided by multi-factor authentication.

Authorization

Keycloak UserResource viewusers Role IDP Disclosure
CVE-2026-3911 2.7 - Low - March 11, 2026

A flaw was found in Keycloak. An authenticated user with the view-users role could exploit a vulnerability in the UserResource component. By accessing a specific administrative endpoint, this user could improperly retrieve user attributes that were configured to be hidden. This unauthorized information disclosure could expose sensitive user data.

Privacy violation

Keycloak SAML Broker Auth Bypass via Disabled Client
CVE-2026-3047 8.8 - High - March 05, 2026

A flaw was found in org.keycloak.broker.saml. When a disabled Security Assertion Markup Language (SAML) client is configured as an Identity Provider (IdP)-initiated broker landing target, it can still complete the login process and establish a Single Sign-On (SSO) session. This allows a remote attacker to gain unauthorized access to other enabled clients without re-authentication, effectively bypassing security restrictions.

Authentication Bypass by Primary Weakness

Keycloak IdentityBroker Auth Bypass via Disabled IdP
CVE-2026-3009 8.1 - High - March 05, 2026

A security flaw in the IdentityBrokerService.performLogin endpoint of Keycloak allows authentication to proceed using an Identity Provider (IdP) even after it has been disabled by an administrator. An attacker who knows the IdP alias can reuse a previously generated login request to bypass the administrative restriction. This undermines access control enforcement and may allow unauthorized authentication through a disabled external provider.

AuthZ

Keycloak WebAuthn Auth Attestation Bypass (fmt none)
CVE-2025-12150 3.1 - Low - February 27, 2026

A flaw was found in Keycloak's WebAuthn registration component. This vulnerability allows an attacker to bypass the configured attestation policy and register untrusted or forged authenticators via submission of an attestation object with fmt: "none", even when the realm is configured to require direct attestation. This can lead to weakened authentication integrity and unauthorized authenticator registration.

Improper Verification of Cryptographic Signature

Keycloak RBAC Bypass: Unauthorized Attribute Modification via manageusers
CVE-2026-0871 4.9 - Medium - February 27, 2026

A flaw was found in Keycloak. An administrator with `manage-users` permission can bypass the "Only administrators can view" setting for unmanaged attributes, allowing them to modify these attributes. This improper access control can lead to unauthorized changes to user profiles, even when the system is configured to restrict such modifications.

Incorrect Privilege Assignment

Keycloak Docker v2 Auth: Tokens Issued Post-Disable (CVE-2026-2733)
CVE-2026-2733 3.8 - Low - February 19, 2026

A flaw was identified in the Docker v2 authentication endpoint of Keycloak, where tokens continue to be issued even after a Docker registry client has been administratively disabled. This means that turning the client Enabled setting to OFF does not fully prevent access. As a result, previously valid credentials can still be used to obtain authentication tokens. This weakens administrative controls and could allow unintended access to container registry resources.

AuthZ

Verbose Logging Exposes Auth & Cookie Headers in Keycloak
CVE-2025-11537 5 - Medium - February 10, 2026

A flaw was found in Keycloak. When the logging format is configured to a verbose, user-supplied pattern (such as the pre-defined 'long' pattern), sensitive headers including Authorization and Cookie are disclosed to the logs in cleartext. An attacker with read access to the log files can extract these credentials (e.g., bearer tokens, session cookies) and use them to impersonate users, leading to a full account compromise.

Improper Output Neutralization for Logs

Keycloak UMA Policy Bypass via Owner Check Leak
CVE-2025-14778 5.4 - Medium - February 09, 2026

A flaw was found in Keycloak. A significant Broken Access Control vulnerability exists in the UserManagedPermissionService (UMA Protection API). When updating or deleting a UMA policy associated with multiple resources, the authorization check only verifies the caller's ownership against the first resource in the policy's list. This allows a user (Owner A) who owns one resource (RA) to update a shared policy and modify authorization rules for other resources (e.g., RB) in that same policy, even if those other resources are owned by a different user (Owner B). This constitutes a horizontal privilege escalation.

Incorrect Privilege Assignment

Keycloak JWT Signature Bypass Allows Unauthorized Org Self-Registration
CVE-2026-1529 8.1 - High - February 09, 2026

A flaw was found in Keycloak. An attacker can exploit this vulnerability by modifying the organization ID and target email within a legitimate invitation token's JSON Web Token (JWT) payload. This lack of cryptographic signature verification allows the attacker to successfully self-register into an unauthorized organization, leading to unauthorized access.

Improper Verification of Cryptographic Signature

Keycloak JWT Authorization Grant Token Issued Even for Disabled IdP
CVE-2026-1486 8.8 - High - February 09, 2026

A flaw was found in Keycloak. A vulnerability exists in the jwt-authorization-grant flow where the server fails to verify if an Identity Provider (IdP) is enabled before issuing tokens. The issuer lookup mechanism (lookupIdentityProviderFromIssuer) retrieves the IdP configuration but does not filter for isEnabled=false. If an administrator disables an IdP (e.g., due to a compromise or offboarding), an entity possessing that IdP's signing key can still generate valid JWT assertions that Keycloak accepts, resulting in the issuance of valid access tokens.

Improperly Implemented Security Check for Standard

Insufficient backchannel validation in Keycloak CIBA blind SSRF
CVE-2026-1518 2.7 - Low - February 02, 2026

A flaw was found in Keycloak's CIBA feature, where insufficient validation of client-configured backchannel notification endpoints could allow blind server-side requests to internal services.

SSRF

Keycloak /unmanagedAttributes Bypass Lets Admin View Sensitive Custom Attributes
CVE-2025-13881 2.7 - Low - February 02, 2026

A flaw was found in Keycloak Admin API. This vulnerability allows an administrator with limited privileges to retrieve sensitive custom attributes via the /unmanagedAttributes endpoint, bypassing User Profile visibility settings.

Incorrect Privilege Assignment

Undertow OOM via large servlet param names
CVE-2024-4027 7.5 - High - January 30, 2026

A flaw was found in Undertow. Servlets using a method that calls HttpServletRequestImpl.getParameterNames() can cause an OutOfMemoryError when the client sends a request with large parameter names. This issue can be exploited by an unauthorized user to cause a remote denial-of-service (DoS) attack.

Improper Input Validation

Keycloak SAML NotOnOrAfter Validation Bypass Enables Session Extension
CVE-2026-1190 3.1 - Low - January 26, 2026

A flaw was found in Keycloak's SAML brokering functionality. When Keycloak is configured as a client in a Security Assertion Markup Language (SAML) setup, it fails to validate the `NotOnOrAfter` timestamp within the `SubjectConfirmationData`. This allows an attacker to delay the expiration of SAML responses, potentially extending the time a response is considered valid and leading to unexpected session durations or resource consumption.

Missing XML Validation

RedHat Keycloak Admin REST API: Exposed Backend Schema via Improper Access Control
CVE-2025-14083 2.7 - Low - January 21, 2026

A flaw was found in the Keycloak Admin REST API. This vulnerability allows the exposure of backend schema and rules, potentially leading to targeted attacks or privilege escalation via improper access control.

Authorization

Keycloak Token Exchange BLP Allows Tokens to Disabled Users
CVE-2025-14559 6.5 - Medium - January 21, 2026

A flaw was found in the keycloak-services component of Keycloak. This vulnerability allows the issuance of access and refresh tokens for disabled users, leading to unauthorized use of previously revoked privileges, via a business logic vulnerability in the Token Exchange implementation when a privileged client invokes the token exchange flow.

Business Logic Errors

Keycloak Refresh Token Rotation Bypass via Atomicity Flaw
CVE-2026-1035 3.1 - Low - January 21, 2026

A flaw was found in the Keycloak server during refresh token processing, specifically in the TokenManager class responsible for enforcing refresh token reuse policies. When strict refresh token rotation is enabled, the validation and update of refresh token usage are not performed atomically. This allows concurrent refresh requests to bypass single-use enforcement and issue multiple access tokens from the same refresh token. As a result, Keycloak's refresh token rotation hardening can be undermined.

TOCTTOU

Keycloak OIDC DCR leaks internal via arbitrary jwks_uri
CVE-2026-1180 5.8 - Medium - January 20, 2026

A flaw was identified in Keycloak's OpenID Connect Dynamic Client Registration feature when clients authenticate using private_key_jwt. The issue allows a client to specify an arbitrary jwks_uri, which Keycloak then retrieves without validating the destination. This enables attackers to coerce the Keycloak server into making HTTP requests to internal or restricted network resources. As a result, attackers can probe internal services and cloud metadata endpoints, creating an information disclosure and reconnaissance risk.

SSRF

Keycloak URL Matrix Param Input Validation (CVE-2026-0976)
CVE-2026-0976 3.7 - Low - January 15, 2026

A flaw was found in Keycloak. This improper input validation vulnerability occurs because Keycloak accepts RFC-compliant matrix parameters in URL path segments, while common reverse proxy configurations may ignore or mishandle them. A remote attacker can craft requests to mask path segments, potentially bypassing proxy-level path filtering. This could expose administrative or sensitive endpoints that operators believe are not externally reachable.

Improper Input Validation

Keycloak Header Parser Permissive Bearer Token Validation (CVE-2026-0707)
CVE-2026-0707 5.3 - Medium - January 08, 2026

A flaw was found in Keycloak. The Keycloak Authorization header parser is overly permissive regarding the formatting of the "Bearer" authentication scheme. It accepts non-standard characters (such as tabs) as separators and tolerates case variations that deviate from RFC 6750 specifications.

Incorrect Behavior Order: Authorization Before Parsing and Canonicalization

Keycloak TLS 1.2 Renegotiation DoS (unauthenticated, CPU exhaustion)
CVE-2025-11419 7.5 - High - December 23, 2025

A flaw was found in Keycloak. This vulnerability allows an unauthenticated remote attacker to cause a denial of service (DoS) by repeatedly initiating TLS 1.2 client-initiated renegotiation requests to exhaust server CPU resources, making the service unavailable.

Allocation of Resources Without Limits or Throttling

Keycloak Admin API IDOR via ResourceSetService
CVE-2025-14777 6 - Medium - December 16, 2025

A flaw was found in Keycloak. An IDOR (Broken Access Control) vulnerability exists in the admin API endpoints for authorization resource management, specifically in ResourceSetService and PermissionTicketService. The system checks authorization against the resourceServer (client) ID provided in the API request, but the backend database lookup and modification operations (findById, delete) only use the resourceId. This mismatch allows an authenticated attacker with fine-grained admin permissions for one client (e.g., Client A) to delete or update resources belonging to another client (Client B) within the same realm by supplying a valid resource ID.

Authentication Bypass by Alternate Name

Keycloak Admin REST API Info Disclosure via /roles endpoint
CVE-2025-14082 2.7 - Low - December 10, 2025

A flaw was found in Keycloak Admin REST (Representational State Transfer) API. This vulnerability allows information disclosure of sensitive role metadata via insufficient authorization checks on the /admin/realms/{realm}/roles endpoint.

Authorization

Undertow OOM DoS via Large application/x-www-form-urlencoded
CVE-2024-3884 7.5 - High - December 03, 2025

A flaw was found in Undertow that can cause remote denial of service attacks. When the server uses the FormEncodedDataDefinition.doParse(StreamSourceChannel) method to parse large form data encoding with application/x-www-form-urlencoded, the method will cause an OutOfMemory issue. This flaw allows unauthorized users to cause a remote denial of service (DoS) attack.

Improper Input Validation

Keycloak LDAP Federation Deserialization via Malicious LDAP (CVE-2025-13467)
CVE-2025-13467 5.5 - Medium - November 25, 2025

A flaw was found in the Keycloak LDAP User Federation provider. This vulnerability allows an authenticated realm administrator to trigger deserialization of untrusted Java objects via a malicious LDAP server configuration.

Marshaling, Unmarshaling

Keycloak JDWP debug mode auto bind to 0.0.0.0 RCE
CVE-2025-11538 6.8 - Medium - November 13, 2025

A vulnerability exists in Keycloak's server distribution where enabling debug mode (--debug <port>) insecurely defaults to binding the Java Debug Wire Protocol (JDWP) port to all network interfaces (0.0.0.0). This exposes the debug port to the local network, allowing an attacker on the same network segment to attach a remote debugger and achieve remote code execution within the Keycloak Java virtual machine.

Binding to an Unrestricted IP Address

Keycloak Session ID Reuse Allows Token Hijacking
CVE-2025-12390 6 - Medium - October 28, 2025

A flaw was found in Keycloak. A user can accidentally get access to another user's session if both use the same device and browser. This happens because Keycloak sometimes reuses session identifiers and doesn't clean up properly during logout when browser cookies are missing. As a result, one user may receive tokens that belong to another user.

Session Fixation

Keycloak | Relative Path Normalization flaw enabling /admin via HAProxy
CVE-2025-10939 3.7 - Low - October 28, 2025

A flaw was found in Keycloak. The Keycloak guides recommend not exposing the /admin path to the outside when the installation is using a proxy. The issue occurs at least via HAProxy, which can be tricked into using relative/non-normalized paths to access the /admin application path relative to /realms, which is expected to be exposed.

DLL preloading

Keycloak Offline Session Persistence when Offline_Access scope removed
CVE-2025-12110 5.4 - Medium - October 23, 2025

A flaw was found in Keycloak. An offline session continues to be valid when the offline_access scope is removed from the client. The refresh token is still accepted, and new tokens can continue to be requested for the session. This can lead to a situation where an administrator removes the scope and assumes that offline sessions are no longer available, but they are.

Insufficient Session Expiration

Keycloak 'Remember Me' disable ignored, extending session lifetime risk
CVE-2025-11429 5.4 - Medium - October 23, 2025

A flaw was found in Keycloak. Keycloak does not immediately enforce the disabling of the "Remember Me" realm setting on existing user sessions. Sessions created while "Remember Me" was active retain their extended session lifetime until they expire, overriding the administrator's recent security configuration change. This logic flaw in session management increases the potential window for successful session hijacking or unauthorized long-term access persistence. The flaw lies in the session expiration logic relying on the session-local "remember-me" flag without validating the current realm-level configuration.

Insufficient Session Expiration

Keycloak: Unvalidated error_description param enables XSS/Phishing
CVE-2025-10044 4.3 - Medium - September 05, 2025

A flaw was found in Keycloak. Keycloak's account console and other pages accept arbitrary text in the error_description query parameter. This text is directly rendered in error pages without validation or sanitization. While HTML encoding prevents XSS, an attacker can craft URLs with misleading messages (e.g., fake support phone numbers or URLs), which are displayed within the trusted Keycloak UI. This creates a phishing vector, potentially tricking users into contacting malicious actors.

XSS

Keycloak ModStor Service: EnvVar Injection via Realm Import
CVE-2025-9162 4.9 - Medium - August 21, 2025

A flaw was found in org.keycloak/keycloak-model-storage-service. The KeycloakRealmImport custom resource substitutes placeholders within imported realm documents, potentially referencing environment variables. This substitution process allows for injection attacks when crafted realm documents are processed. An attacker can leverage this to inject malicious content during the realm import procedure. This can lead to unintended consequences within the Keycloak environment.

Exposure of Sensitive Information Through Environmental Variables
