
Red Hat Keycloak EUVD-2026-32716

CVE-2026-9796 | Severity: MEDIUM
Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367)
Published: 2026-05-28 | Vendor: redhat | Advisory: GHSA-pq65-77rc-7r8c
CVSS 3.1 base score: 6.5

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: None

Lifecycle Timeline

1. Analysis Generated: May 28, 2026 - 05:04 (vuln.today)

Description (NVD)

A flaw was found in Keycloak. An authenticated administrator with the manage-clients role can exploit a Time-of-check to time-of-use (TOCTOU) vulnerability in the name-based admin role checks. This allows the attacker to escalate their privileges to realm-admin for all users within the realm, granting them extensive control over the system. The composite role relationship persists even after the attacker's own permissions are revoked and across system reboots.

Analysis (AI)

Privilege escalation in Red Hat Build of Keycloak allows an authenticated administrator holding the manage-clients role to exploit a Time-of-check to time-of-use (TOCTOU) race condition in name-based admin role checks, elevating their privileges to realm-admin for all users within the realm. The resulting composite role relationship is persistent - it survives both manual revocation of the attacker's original permissions and system reboots, making remediation non-trivial post-exploitation. …
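Because the escalated composite role relationship persists after the attacker's own permissions are revoked, remediation means auditing the realm's role graph, not just user assignments. The script below is an added example (not from vuln.today, Red Hat or the Keycloak project) that walks a constructed, flattened role export and lists every realm or client role that transitively composes the realm-management client's realm-admin role and is not on an expected allowlist; the flattened `container`/`name`/`composites` shape and the sample roles are assumptions for illustration.

```python
"""Audit Keycloak-style composite roles for unexpected transitive grants of realm-admin.

Added example. Assumes a flattened export where each role is a dict with
'container' (realm name or clientId), 'name', and 'composites' (a list of
[container, name] pairs). The sample data at the bottom is constructed.
"""
from collections import deque

TARGET = ("realm-management", "realm-admin")  # the role whose reach we audit

def build_graph(roles):
    """Map each (container, name) role to the roles it directly composes."""
    return {(r["container"], r["name"]): [tuple(c) for c in r.get("composites", [])]
            for r in roles}

def effective_roles(graph, start):
    """Transitive closure of a role's composites (breadth-first, cycle-safe)."""
    seen, queue = set(), deque([start])
    while queue:
        role = queue.popleft()
        for child in graph.get(role, []):
            if child not in seen:
                seen.add(child)
                queue.append(child)
    return seen

def roles_granting(graph, target):
    """Every role in the graph that transitively grants `target`."""
    return sorted(r for r in graph if target in effective_roles(graph, r))

def audit(roles, allowlist, target=TARGET):
    """Roles granting `target` that are not expected to; each is a persisted escalation path."""
    return [r for r in roles_granting(build_graph(roles), target) if r not in allowlist]

# Constructed sample: the 'app' client's 'helper' role quietly composites realm-admin,
# so 'viewer' (which composites 'helper') also reaches it.
SAMPLE_ROLES = [
    {"container": "realm-management", "name": "realm-admin",
     "composites": [["realm-management", "manage-clients"]]},
    {"container": "realm-management", "name": "manage-clients", "composites": []},
    {"container": "myrealm", "name": "admin", "composites": [["realm-management", "realm-admin"]]},
    {"container": "app", "name": "viewer", "composites": [["app", "helper"]]},
    {"container": "app", "name": "helper", "composites": [["realm-management", "realm-admin"]]},
]
EXPECTED = {("myrealm", "admin")}  # the only role that should reach realm-admin

if __name__ == "__main__":
    for container, name in audit(SAMPLE_ROLES, EXPECTED):
        print(f"unexpected realm-admin grant via {container}/{name}")
```

Run it against a real export taken after revoking the attacker's direct permissions; any role it lists still confers realm-admin and must have its composite removed.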
