Keycloak

3 CVEs product

Monthly

CVE-2026-0871 Maven MEDIUM PATCH This Month

Build Of Keycloak contains a vulnerability that allows attackers to make unauthorized changes to user profiles, even when the system is configured to res (CVSS 4.9).

Authentication Bypass, Red Hat, Build Of Keycloak, Keycloak
NVD
CVSS 3.1: 4.9
EPSS: 0.0%

CVE-2025-8419 Maven MEDIUM PATCH This Month

A vulnerability was found in Keycloak-services. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection, Red Hat, Keycloak
NVD
CVSS 3.1: 5.3
EPSS: 0.0%

CVE-2024-7341 Maven HIGH PATCH This Month

A session fixation issue was discovered in the SAML adapters provided by Keycloak. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure, Session Fixation, Build Of Keycloak, Keycloak, Single Sign On
NVD, GitHub
CVSS 3.1: 7.1
EPSS: 1.7%
