Skip to content

Commit 715a055

Browse files
1 parent c2dd36d commit 715a055

7 files changed

Lines changed: 409 additions & 156 deletions

File tree

Lines changed: 128 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,128 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-cpf7-j4cf-vqx4",
4+
"modified": "2026-07-01T21:27:37Z",
5+
"published": "2026-05-28T06:31:10Z",
6+
"aliases": [
7+
"CVE-2026-9803"
8+
],
9+
"summary": "Keycloak has an Out-of-bounds Read",
10+
"details": "A flaw was found in Keycloak's ClientRegistrationAuth component. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST request with a malformed 'Authorization: Bearer' header to any client registration endpoint. This can lead to an ArrayIndexOutOfBoundsException, causing the server to return an HTTP 500 error and resulting in a Denial of Service (DoS) for the affected service.",
11+
"severity": [
12+
{
13+
"type": "CVSS_V3",
14+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
15+
}
16+
],
17+
"affected": [
18+
{
19+
"package": {
20+
"ecosystem": "Maven",
21+
"name": "org.keycloak:keycloak-services"
22+
},
23+
"ranges": [
24+
{
25+
"type": "ECOSYSTEM",
26+
"events": [
27+
{
28+
"introduced": "0"
29+
},
30+
{
31+
"last_affected": "26.4.7"
32+
}
33+
]
34+
}
35+
]
36+
},
37+
{
38+
"package": {
39+
"ecosystem": "Maven",
40+
"name": "org.keycloak:keycloak-services"
41+
},
42+
"ranges": [
43+
{
44+
"type": "ECOSYSTEM",
45+
"events": [
46+
{
47+
"introduced": "26.5.0"
48+
},
49+
{
50+
"fixed": "26.6.3"
51+
}
52+
]
53+
}
54+
]
55+
}
56+
],
57+
"references": [
58+
{
59+
"type": "ADVISORY",
60+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9803"
61+
},
62+
{
63+
"type": "WEB",
64+
"url": "https://github.com/keycloak/keycloak/issues/49433"
65+
},
66+
{
67+
"type": "WEB",
68+
"url": "https://github.com/keycloak/keycloak/pull/49500"
69+
},
70+
{
71+
"type": "WEB",
72+
"url": "https://github.com/keycloak/keycloak/pull/49617"
73+
},
74+
{
75+
"type": "WEB",
76+
"url": "https://github.com/keycloak/keycloak/pull/49618"
77+
},
78+
{
79+
"type": "WEB",
80+
"url": "https://github.com/keycloak/keycloak/commit/2b8692499e907e6205be0bd9c8a4da5d46f6ca30"
81+
},
82+
{
83+
"type": "WEB",
84+
"url": "https://github.com/keycloak/keycloak/commit/3fc06909cc93eb5c4739a712fa350de625812e04"
85+
},
86+
{
87+
"type": "WEB",
88+
"url": "https://github.com/keycloak/keycloak/commit/ef06df91d344c7e99fcb82987ef6adb854f30789"
89+
},
90+
{
91+
"type": "WEB",
92+
"url": "https://access.redhat.com/errata/RHSA-2026:25097"
93+
},
94+
{
95+
"type": "WEB",
96+
"url": "https://access.redhat.com/errata/RHSA-2026:25098"
97+
},
98+
{
99+
"type": "WEB",
100+
"url": "https://access.redhat.com/errata/RHSA-2026:30049"
101+
},
102+
{
103+
"type": "WEB",
104+
"url": "https://access.redhat.com/errata/RHSA-2026:30050"
105+
},
106+
{
107+
"type": "WEB",
108+
"url": "https://access.redhat.com/security/cve/CVE-2026-9803"
109+
},
110+
{
111+
"type": "WEB",
112+
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482465"
113+
},
114+
{
115+
"type": "PACKAGE",
116+
"url": "https://github.com/keycloak/keycloak"
117+
}
118+
],
119+
"database_specific": {
120+
"cwe_ids": [
121+
"CWE-125"
122+
],
123+
"severity": "MODERATE",
124+
"github_reviewed": true,
125+
"github_reviewed_at": "2026-07-01T21:27:37Z",
126+
"nvd_published_at": "2026-05-28T06:16:29Z"
127+
}
128+
}

advisories/unreviewed/2026/05/GHSA-f6r7-6w34-x2gp/GHSA-f6r7-6w34-x2gp.json renamed to advisories/github-reviewed/2026/05/GHSA-f6r7-6w34-x2gp/GHSA-f6r7-6w34-x2gp.json

Lines changed: 41 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,24 +1,57 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-f6r7-6w34-x2gp",
4-
"modified": "2026-06-26T09:30:46Z",
4+
"modified": "2026-07-01T21:26:37Z",
55
"published": "2026-05-28T06:31:10Z",
66
"aliases": [
77
"CVE-2026-9801"
88
],
9+
"summary": "Keycloak Vulnerable to Improper Validation of Specified Quantity in Input",
910
"details": "A flaw was found in Keycloak. A remote attacker with high privileges, such as a realm administrator configuring a malicious Lightweight Directory Access Protocol (LDAP) server or an attacker compromising an upstream LDAP server, could exploit this vulnerability. By sending a malformed LDAP password policy response during a password authentication request, the attacker can trigger an OutOfMemoryError. This causes the Keycloak Java Virtual Machine (JVM) to terminate, leading to a denial of service (DoS) for all realms on the affected node.",
1011
"severity": [
1112
{
1213
"type": "CVSS_V3",
1314
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"
1415
}
1516
],
16-
"affected": [],
17+
"affected": [
18+
{
19+
"package": {
20+
"ecosystem": "Maven",
21+
"name": "org.keycloak:keycloak-ldap-federation"
22+
},
23+
"ranges": [
24+
{
25+
"type": "ECOSYSTEM",
26+
"events": [
27+
{
28+
"introduced": "0"
29+
},
30+
{
31+
"fixed": "26.6.3"
32+
}
33+
]
34+
}
35+
]
36+
}
37+
],
1738
"references": [
1839
{
1940
"type": "ADVISORY",
2041
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9801"
2142
},
43+
{
44+
"type": "WEB",
45+
"url": "https://github.com/keycloak/keycloak/issues/49434"
46+
},
47+
{
48+
"type": "WEB",
49+
"url": "https://github.com/keycloak/keycloak/pull/49514"
50+
},
51+
{
52+
"type": "WEB",
53+
"url": "https://github.com/keycloak/keycloak/commit/2c4fe42235ba8c265b1da3a30541a270d5bd8c39"
54+
},
2255
{
2356
"type": "WEB",
2457
"url": "https://access.redhat.com/errata/RHSA-2026:25097"
@@ -42,15 +75,19 @@
4275
{
4376
"type": "WEB",
4477
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482473"
78+
},
79+
{
80+
"type": "PACKAGE",
81+
"url": "https://github.com/keycloak/keycloak"
4582
}
4683
],
4784
"database_specific": {
4885
"cwe_ids": [
4986
"CWE-1284"
5087
],
5188
"severity": "MODERATE",
52-
"github_reviewed": false,
53-
"github_reviewed_at": null,
89+
"github_reviewed": true,
90+
"github_reviewed_at": "2026-07-01T21:26:37Z",
5491
"nvd_published_at": "2026-05-28T06:16:29Z"
5592
}
5693
}
Lines changed: 112 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,112 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-q6h7-xxp7-7429",
4+
"modified": "2026-07-01T21:26:22Z",
5+
"published": "2026-05-28T06:31:09Z",
6+
"aliases": [
7+
"CVE-2026-9798"
8+
],
9+
"summary": "Keycloak has an Authentication Bypass by Primary Weakness",
10+
"details": "A flaw was found in Keycloak, an open-source identity and access management solution. When a user account is temporarily locked due to repeated failed login attempts, an attacker with valid client credentials can exploit the Client-Initiated Backchannel Authentication (CIBA) flow to bypass this brute-force protection. This allows continued authentication attempts and token issuance even when the account should be locked, potentially enabling further unauthorized access attempts.",
11+
"severity": [
12+
{
13+
"type": "CVSS_V3",
14+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"
15+
}
16+
],
17+
"affected": [
18+
{
19+
"package": {
20+
"ecosystem": "Maven",
21+
"name": "org.keycloak:keycloak-services"
22+
},
23+
"ranges": [
24+
{
25+
"type": "ECOSYSTEM",
26+
"events": [
27+
{
28+
"introduced": "0"
29+
},
30+
{
31+
"last_affected": "26.4.7"
32+
}
33+
]
34+
}
35+
]
36+
},
37+
{
38+
"package": {
39+
"ecosystem": "Maven",
40+
"name": "org.keycloak:keycloak-services"
41+
},
42+
"ranges": [
43+
{
44+
"type": "ECOSYSTEM",
45+
"events": [
46+
{
47+
"introduced": "26.5.0"
48+
},
49+
{
50+
"last_affected": "26.6.4"
51+
}
52+
]
53+
}
54+
]
55+
}
56+
],
57+
"references": [
58+
{
59+
"type": "ADVISORY",
60+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9798"
61+
},
62+
{
63+
"type": "WEB",
64+
"url": "https://github.com/keycloak/keycloak/issues/49432"
65+
},
66+
{
67+
"type": "WEB",
68+
"url": "https://github.com/keycloak/keycloak/pull/49791"
69+
},
70+
{
71+
"type": "WEB",
72+
"url": "https://github.com/keycloak/keycloak/pull/49903"
73+
},
74+
{
75+
"type": "WEB",
76+
"url": "https://github.com/keycloak/keycloak/pull/49905"
77+
},
78+
{
79+
"type": "WEB",
80+
"url": "https://github.com/keycloak/keycloak/commit/11c2695064cd93da1d333df3f69d4a4141e86c29"
81+
},
82+
{
83+
"type": "WEB",
84+
"url": "https://github.com/keycloak/keycloak/commit/2edc6b112e2dedce63062b89ab3c7ae542e0d9ac"
85+
},
86+
{
87+
"type": "WEB",
88+
"url": "https://github.com/keycloak/keycloak/commit/a11e3254efc16ae72ce5092b93b9f557a4ba43ae"
89+
},
90+
{
91+
"type": "WEB",
92+
"url": "https://access.redhat.com/security/cve/CVE-2026-9798"
93+
},
94+
{
95+
"type": "WEB",
96+
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482470"
97+
},
98+
{
99+
"type": "PACKAGE",
100+
"url": "https://github.com/keycloak/keycloak"
101+
}
102+
],
103+
"database_specific": {
104+
"cwe_ids": [
105+
"CWE-305"
106+
],
107+
"severity": "MODERATE",
108+
"github_reviewed": true,
109+
"github_reviewed_at": "2026-07-01T21:26:22Z",
110+
"nvd_published_at": "2026-05-28T06:16:29Z"
111+
}
112+
}

0 commit comments

Comments
 (0)