Org.keycloak

156 tracked vulnerabilities.

CVE-2026-3047 HIGH
Keycloak - Auth Bypass
Mar 05, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-3009 HIGH
Keycloak - Auth Bypass
Mar 05, 2026
CVSS 8.1
EPSS 0.00
CVE-2025-12150 LOW
Keycloak - Auth Bypass
Feb 27, 2026
CVSS 3.1
EPSS 0.00
CVE-2026-0871 MEDIUM
Keycloak - Privilege Escalation
Feb 27, 2026
CVSS 4.9
EPSS 0.00
CVE-2026-2733 LOW
Keycloak Docker v2 - Auth Bypass
Feb 19, 2026
CVSS 3.8
EPSS 0.00
CVE-2025-11537 MEDIUM
Keycloak - Info Disclosure
Feb 10, 2026
CVSS 5.0
EPSS 0.00
CVE-2026-1529 HIGH
Org.keycloak Keycloak-services - Signature Verification Bypass
Feb 09, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-1486 HIGH
Keycloak - Privilege Escalation
Feb 09, 2026
CVSS 8.8
EPSS 0.00
CVE-2025-14778 MEDIUM
Org.keycloak Keycloak-services - Incorrect Privilege Assignment
Feb 09, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-1518 LOW
Org.keycloak Keycloak-parent - SSRF
Feb 02, 2026
CVSS 2.7
EPSS 0.00
CVE-2025-13881 LOW
Org.keycloak Keycloak-services - Incorrect Privilege Assignment
Feb 02, 2026
CVSS 2.7
EPSS 0.00
CVE-2026-1190 LOW
Keycloak - Info Disclosure
Jan 26, 2026
CVSS 3.1
EPSS 0.00
CVE-2025-14083 LOW
Org.keycloak Keycloak-services - Improper Access Control
Jan 21, 2026
CVSS 2.7
EPSS 0.00
CVE-2025-14559 MEDIUM
Keycloak - Privilege Escalation
Jan 21, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-1035 LOW
Org.keycloak Keycloak-services - TOCTOU Race Condition
Jan 21, 2026
CVSS 3.1
EPSS 0.00
CVE-2026-1180 MEDIUM
Org.keycloak Keycloak-adapter-core - SSRF
Jan 20, 2026
CVSS 5.8
EPSS 0.00
CVE-2026-0976 LOW
Org.keycloak Keycloak-quarkus-server - Improper Input Validation
Jan 15, 2026
CVSS 3.7
EPSS 0.00
CVE-2026-0707 MEDIUM
Keycloak - Auth Bypass
Jan 08, 2026
CVSS 5.3
EPSS 0.00
CVE-2025-11419 HIGH
Keycloak - DoS
Dec 23, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-14082 LOW
Org.keycloak Keycloak-services < 26.5.0 - Improper Access Control
Dec 10, 2025
CVSS 2.7
EPSS 0.00
CVE-2025-13467 MEDIUM
Org.keycloak Keycloak-ldap-federation - Insecure Deserialization
Nov 25, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-11538 MEDIUM
Org.keycloak Keycloak-quarkus-dist < 26.4.4 - Remote Code Execution
Nov 13, 2025
CVSS 6.8
EPSS 0.00
CVE-2025-12390 MEDIUM
Keycloak - Info Disclosure
Oct 28, 2025
CVSS 6.0
EPSS 0.00
CVE-2025-10939 LOW
Org.keycloak Keycloak-quarkus-server - Uncontrolled Search Path
Oct 28, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-12110 MEDIUM
Org.keycloak Keycloak-services - Insufficient Session Expiration
Oct 23, 2025
CVSS 5.4
EPSS 0.00
Products
keycloak-services 56 keycloak-core 49 keycloak-parent 25 keycloak-quarkus-server 9 keycloak-ldap-federation 4 keycloak-server-spi-private 3 keycloak-model-jpa 2 keycloak-model-infinispan 2 keycloak-quarkus-dist 2 keycloak-saml-core 2 keycloak-model-storage-services 1 keycloak-oidc-client-adapter-pom 1 keycloak-broker-saml 1 keycloak-admin-ui 1 keycloak-authz-client 1 keycloak-saml-adapter-core 1 keycloak-common 1 keycloak-adapter-core 1 keycloak-account-ui 1
Quick Filters
Critical CVEs With Exploits In CISA KEV