EUVD-2026-18208
GHSA-hj93-h7pg-fh6v
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Lifecycle Timeline
4Tags
Description
A flaw was found in Keycloak. The SingleUseObjectProvider, a global key-value store, lacks proper type and namespace isolation. This vulnerability allows an unauthenticated attacker to forge authorization codes. Successful exploitation can lead to the creation of admin-capable access tokens, resulting in privilege escalation.
Analysis
Authorization code forgery in Red Hat Keycloak enables unauthenticated attackers to escalate privileges to admin-level access tokens. The SingleUseObjectProvider's lack of type and namespace isolation permits attackers to forge valid authorization codes remotely, though exploitation requires high complexity (AC:H). …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Inventory all Red Hat Keycloak deployments and document versions in use; notify identity and access management teams and dependent application owners. Within 7 days: Implement compensating controls (see below); monitor Keycloak logs for suspicious token generation patterns and authorization code reuse attempts; contact Red Hat for patch timeline estimates. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today