| CVE-2024-10492 |
low |
2.7 |
2.7 |
|
|
|
2y ago |
Keycloak Path Traversal Vulnerability Due to External Control of File Name or Path |
| CVE-2025-11537 |
unknown |
— |
— |
|
|
|
4mo ago |
Keycloak logs sensitive headers |
| CVE-2026-0976 |
unknown |
— |
— |
|
|
|
5mo ago |
Keycloak has an improper input validation vulnerability |
| CVE-2025-10939 |
unknown |
— |
— |
|
|
|
6mo ago |
Keycloak unable to restrict access to the admin console |
| CVE-2024-10973 |
unknown |
— |
— |
|
|
|
1y ago |
Keycloak on Quarkus CLI option for encrypted JGroups ignored |
| CVE-2024-11734 |
unknown |
— |
— |
|
|
|
1y ago |
Denial of Service in Keycloak Server via Security Headers |
| CVE-2024-11736 |
unknown |
— |
— |
|
|
|
1y ago |
Keycloak allows unrestricted admin use of system and environment variables |
| CVE-2024-9666 |
unknown |
— |
— |
|
|
|
2y ago |
Keycloak proxy header handling Denial-of-Service (DoS) vulnerability |
| CVE-2024-10451 |
unknown |
— |
— |
|
|
|
2y ago |
Keycloak Build Process Exposes Sensitive Data |
