CVE-2025-14559

MEDIUM

Keycloak Services 26.5.0-26.5.1 - Unauthorized Token Issuance via Token Exchange Flow

Title source: llm
STIX 2.1

Description

A flaw was found in the keycloak-services component of Keycloak. This vulnerability allows the issuance of access and refresh tokens for disabled users, leading to unauthorized use of previously revoked privileges, via a business logic vulnerability in the Token Exchange implementation when a privileged client invokes the token exchange flow.

References (4)

Core 4
Core References
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2026:2365
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2026:2366
Vendor Advisory vdb-entry x_refsource_redhat
https://access.redhat.com/security/cve/CVE-2025-14559
Issue Tracking issue-tracking x_refsource_redhat
https://bugzilla.redhat.com/show_bug.cgi?id=2421711

Scores

CVSS v3 6.5
EPSS 0.0002
EPSS Percentile 4.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-840
Status published
Products (5)
org.keycloak/keycloak-services 26.5.0 - 26.5.2Maven
Red Hat/Red Hat build of Keycloak 26.4 26.4-10
Red Hat/Red Hat build of Keycloak 26.4 26.4-11
Red Hat/Red Hat build of Keycloak 26.4 26.4.9-1
Red Hat/Red Hat build of Keycloak 26.4.9
Published Jan 21, 2026
Tracked Since Feb 18, 2026