Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for Red Hat build of Keycloak 26.2.13 by Red Hat

    CVE-2026-1529 (GCVE-0-2026-1529)

    Vulnerability from nvd – Published: 2026-02-09 18:36 – Updated: 2026-06-30 12:07
    VLAI
    Title
    Org.keycloak.services.resources.organizations: keycloak: unauthorized organization registration via improper invitation token validation
    Summary
    A flaw was found in Keycloak. An attacker can exploit this vulnerability by modifying the organization ID and target email within a legitimate invitation token's JSON Web Token (JWT) payload. This lack of cryptographic signature verification allows the attacker to successfully self-register into an unauthorized organization, leading to unauthorized access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-347 - Improper Verification of Cryptographic Signature
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2026:2363 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:2364 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:2365 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:2366 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2026-1529 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2433783 issue-trackingx_refsource_REDHAT
    https://security.access.redhat.com/data/csaf/v2/v… x_sadp-csaf-vex
    Impacted products
    Vendor Product Version
    Red Hat Red Hat build of Keycloak 26.2 Unaffected: 26.2.13-1 , < * (rpm)
        cpe:/a:redhat:build_keycloak:26.2::el9
    Create a notification for this product.
    Red Hat Red Hat build of Keycloak 26.2 Unaffected: 26.2-15 , < * (rpm)
        cpe:/a:redhat:build_keycloak:26.2::el9
    Create a notification for this product.
    Red Hat Red Hat build of Keycloak 26.2.13     cpe:/a:redhat:build_keycloak:26.2::el9
    Create a notification for this product.
    Red Hat Red Hat build of Keycloak 26.4 Unaffected: 26.4.9-1 , < * (rpm)
        cpe:/a:redhat:build_keycloak:26.4::el9
    Create a notification for this product.
    Red Hat Red Hat build of Keycloak 26.4 Unaffected: 26.4-11 , < * (rpm)
        cpe:/a:redhat:build_keycloak:26.4::el9
    Create a notification for this product.
    Red Hat Red Hat build of Keycloak 26.4 Unaffected: 26.4-10 , < * (rpm)
        cpe:/a:redhat:build_keycloak:26.4::el9
    Create a notification for this product.
    Red Hat Red Hat build of Keycloak 26.4.9     cpe:/a:redhat:build_keycloak:26.4::el9
    Create a notification for this product.
    Red Hat Red Hat build of Keycloak 26.2     cpe:/a:redhat:build_keycloak:26.2::el9
    Create a notification for this product.
    Red Hat Red Hat build of Keycloak 26.4     cpe:/a:redhat:build_keycloak:26.4::el9
    Create a notification for this product.
    Date Public
    2026-02-09 18:21
    Credits
    Red Hat would like to thank Joy Gilbert (gwthr) and Reynaldo Immanuel for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-1529",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-09T20:51:02.872925Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-09T20:51:17.932Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:build_keycloak:26.2::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Keycloak 26.2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:build_keycloak:26.4::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Keycloak 26.4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:build_keycloak:26.2::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Keycloak 26.2.13",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:build_keycloak:26.4::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Keycloak 26.4.9",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-02-09T18:21:00.000Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Keycloak. An attacker can exploit this vulnerability by modifying the organization ID and target email within a legitimate invitation token\u0027s JSON Web Token (JWT) payload. This lack of cryptographic signature verification allows the attacker to successfully self-register into an unauthorized organization, leading to unauthorized access."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 8.1,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-347",
                    "description": "Improper Verification of Cryptographic Signature",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:07:08.620Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-1529"
              },
              {
                "name": "RHBZ#2433783",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433783"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1529.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:2364"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:2366"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:2363"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:2365"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:2364: Red Hat build of Keycloak 26.2"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:2366: Red Hat build of Keycloak 26.4"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:2363: Red Hat build of Keycloak 26.2.13"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:2365: Red Hat build of Keycloak 26.4.9"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-01-28T12:29:47.086Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-02-09T18:21:00.000Z",
                "value": "Made public."
              }
            ],
            "title": "org.keycloak.services.resources.organizations: Keycloak: Unauthorized organization registration via improper invitation token validation",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.2::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhbk/keycloak-operator-bundle",
              "product": "Red Hat build of Keycloak 26.2",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "26.2.13-1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.2::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhbk/keycloak-rhel9",
              "product": "Red Hat build of Keycloak 26.2",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "26.2-15",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.2::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhbk/keycloak-rhel9-operator",
              "product": "Red Hat build of Keycloak 26.2",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "26.2-15",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.2::el9"
              ],
              "defaultStatus": "unaffected",
              "packageName": "rhbk/keycloak-rhel9",
              "product": "Red Hat build of Keycloak 26.2.13",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.4::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhbk/keycloak-operator-bundle",
              "product": "Red Hat build of Keycloak 26.4",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "26.4.9-1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.4::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhbk/keycloak-rhel9",
              "product": "Red Hat build of Keycloak 26.4",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "26.4-11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.4::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhbk/keycloak-rhel9-operator",
              "product": "Red Hat build of Keycloak 26.4",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "26.4-10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.4::el9"
              ],
              "defaultStatus": "unaffected",
              "packageName": "rhbk/keycloak-rhel9",
              "product": "Red Hat build of Keycloak 26.4.9",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Joy Gilbert (gwthr) and Reynaldo Immanuel for reporting this issue."
            }
          ],
          "datePublic": "2026-02-09T18:21:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in Keycloak. An attacker can exploit this vulnerability by modifying the organization ID and target email within a legitimate invitation token\u0027s JSON Web Token (JWT) payload. This lack of cryptographic signature verification allows the attacker to successfully self-register into an unauthorized organization, leading to unauthorized access."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-347",
                  "description": "Improper Verification of Cryptographic Signature",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-16T21:45:35.169Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2026:2363",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:2363"
            },
            {
              "name": "RHSA-2026:2364",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:2364"
            },
            {
              "name": "RHSA-2026:2365",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:2365"
            },
            {
              "name": "RHSA-2026:2366",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:2366"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2026-1529"
            },
            {
              "name": "RHBZ#2433783",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433783"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-01-28T12:29:47.086Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-02-09T18:21:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Org.keycloak.services.resources.organizations: keycloak: unauthorized organization registration via improper invitation token validation",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-347: Improper Verification of Cryptographic Signature"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2026-1529",
        "datePublished": "2026-02-09T18:36:15.077Z",
        "dateReserved": "2026-01-28T12:22:02.063Z",
        "dateUpdated": "2026-06-30T12:07:08.620Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14778 (GCVE-0-2025-14778)

    Vulnerability from nvd – Published: 2026-02-09 18:58 – Updated: 2026-02-10 01:04
    VLAI
    Title
    Keycloak: incorrect ownership checks in /uma-policy/
    Summary
    A flaw was found in Keycloak. A significant Broken Access Control vulnerability exists in the UserManagedPermissionService (UMA Protection API). When updating or deleting a UMA policy associated with multiple resources, the authorization check only verifies the caller's ownership against the first resource in the policy's list. This allows a user (Owner A) who owns one resource (RA) to update a shared policy and modify authorization rules for other resources (e.g., RB) in that same policy, even if those other resources are owned by a different user (Owner B). This constitutes a horizontal privilege escalation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-266 - Incorrect Privilege Assignment
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2026:2363 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:2364 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:2365 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:2366 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2025-14778 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2422600 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat Red Hat build of Keycloak 26.2 Unaffected: 26.2.13-1 , < * (rpm)
        cpe:/a:redhat:build_keycloak:26.2::el9
    Create a notification for this product.
    Red Hat Red Hat build of Keycloak 26.2 Unaffected: 26.2-15 , < * (rpm)
        cpe:/a:redhat:build_keycloak:26.2::el9
    Create a notification for this product.
    Red Hat Red Hat build of Keycloak 26.2.13     cpe:/a:redhat:build_keycloak:26.2::el9
    Create a notification for this product.
    Red Hat Red Hat build of Keycloak 26.4 Unaffected: 26.4.9-1 , < * (rpm)
        cpe:/a:redhat:build_keycloak:26.4::el9
    Create a notification for this product.
    Red Hat Red Hat build of Keycloak 26.4 Unaffected: 26.4-11 , < * (rpm)
        cpe:/a:redhat:build_keycloak:26.4::el9
    Create a notification for this product.
    Red Hat Red Hat build of Keycloak 26.4 Unaffected: 26.4-10 , < * (rpm)
        cpe:/a:redhat:build_keycloak:26.4::el9
    Create a notification for this product.
    Red Hat Red Hat build of Keycloak 26.4.9     cpe:/a:redhat:build_keycloak:26.4::el9
    Create a notification for this product.
    Date Public
    2026-02-09 18:24
    Credits
    Red Hat would like to thank Joshua Rogers for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14778",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-09T19:51:45.628050Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-09T19:51:55.663Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.2::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhbk/keycloak-operator-bundle",
              "product": "Red Hat build of Keycloak 26.2",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "26.2.13-1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.2::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhbk/keycloak-rhel9",
              "product": "Red Hat build of Keycloak 26.2",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "26.2-15",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.2::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhbk/keycloak-rhel9-operator",
              "product": "Red Hat build of Keycloak 26.2",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "26.2-15",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.2::el9"
              ],
              "defaultStatus": "unaffected",
              "packageName": "rhbk/keycloak-rhel9-operator",
              "product": "Red Hat build of Keycloak 26.2.13",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.4::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhbk/keycloak-operator-bundle",
              "product": "Red Hat build of Keycloak 26.4",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "26.4.9-1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.4::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhbk/keycloak-rhel9",
              "product": "Red Hat build of Keycloak 26.4",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "26.4-11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.4::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhbk/keycloak-rhel9-operator",
              "product": "Red Hat build of Keycloak 26.4",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "26.4-10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.4::el9"
              ],
              "defaultStatus": "unaffected",
              "packageName": "rhbk/keycloak-rhel9-operator",
              "product": "Red Hat build of Keycloak 26.4.9",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Joshua Rogers for reporting this issue."
            }
          ],
          "datePublic": "2026-02-09T18:24:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in Keycloak. A significant Broken Access Control vulnerability exists in the UserManagedPermissionService (UMA Protection API). When updating or deleting a UMA policy associated with multiple resources, the authorization check only verifies the caller\u0027s ownership against the first resource in the policy\u0027s list. This allows a user (Owner A) who owns one resource (RA) to update a shared policy and modify authorization rules for other resources (e.g., RB) in that same policy, even if those other resources are owned by a different user (Owner B). This constitutes a horizontal privilege escalation."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-266",
                  "description": "Incorrect Privilege Assignment",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-10T01:04:37.407Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2026:2363",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:2363"
            },
            {
              "name": "RHSA-2026:2364",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:2364"
            },
            {
              "name": "RHSA-2026:2365",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:2365"
            },
            {
              "name": "RHSA-2026:2366",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:2366"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2025-14778"
            },
            {
              "name": "RHBZ#2422600",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2422600"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-12-16T05:01:06.107Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-02-09T18:24:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Keycloak: incorrect ownership checks in /uma-policy/",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-266: Incorrect Privilege Assignment"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2025-14778",
        "datePublished": "2026-02-09T18:58:29.065Z",
        "dateReserved": "2025-12-16T05:02:19.510Z",
        "dateUpdated": "2026-02-10T01:04:37.407Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14778 (GCVE-0-2025-14778)

    Vulnerability from cvelistv5 – Published: 2026-02-09 18:58 – Updated: 2026-02-10 01:04
    VLAI
    Title
    Keycloak: incorrect ownership checks in /uma-policy/
    Summary
    A flaw was found in Keycloak. A significant Broken Access Control vulnerability exists in the UserManagedPermissionService (UMA Protection API). When updating or deleting a UMA policy associated with multiple resources, the authorization check only verifies the caller's ownership against the first resource in the policy's list. This allows a user (Owner A) who owns one resource (RA) to update a shared policy and modify authorization rules for other resources (e.g., RB) in that same policy, even if those other resources are owned by a different user (Owner B). This constitutes a horizontal privilege escalation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-266 - Incorrect Privilege Assignment
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2026:2363 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:2364 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:2365 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:2366 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2025-14778 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2422600 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat Red Hat build of Keycloak 26.2 Unaffected: 26.2.13-1 , < * (rpm)
        cpe:/a:redhat:build_keycloak:26.2::el9
    Create a notification for this product.
    Red Hat Red Hat build of Keycloak 26.2 Unaffected: 26.2-15 , < * (rpm)
        cpe:/a:redhat:build_keycloak:26.2::el9
    Create a notification for this product.
    Red Hat Red Hat build of Keycloak 26.2.13     cpe:/a:redhat:build_keycloak:26.2::el9
    Create a notification for this product.
    Red Hat Red Hat build of Keycloak 26.4 Unaffected: 26.4.9-1 , < * (rpm)
        cpe:/a:redhat:build_keycloak:26.4::el9
    Create a notification for this product.
    Red Hat Red Hat build of Keycloak 26.4 Unaffected: 26.4-11 , < * (rpm)
        cpe:/a:redhat:build_keycloak:26.4::el9
    Create a notification for this product.
    Red Hat Red Hat build of Keycloak 26.4 Unaffected: 26.4-10 , < * (rpm)
        cpe:/a:redhat:build_keycloak:26.4::el9
    Create a notification for this product.
    Red Hat Red Hat build of Keycloak 26.4.9     cpe:/a:redhat:build_keycloak:26.4::el9
    Create a notification for this product.
    Date Public
    2026-02-09 18:24
    Credits
    Red Hat would like to thank Joshua Rogers for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14778",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-09T19:51:45.628050Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-09T19:51:55.663Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.2::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhbk/keycloak-operator-bundle",
              "product": "Red Hat build of Keycloak 26.2",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "26.2.13-1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.2::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhbk/keycloak-rhel9",
              "product": "Red Hat build of Keycloak 26.2",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "26.2-15",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.2::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhbk/keycloak-rhel9-operator",
              "product": "Red Hat build of Keycloak 26.2",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "26.2-15",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.2::el9"
              ],
              "defaultStatus": "unaffected",
              "packageName": "rhbk/keycloak-rhel9-operator",
              "product": "Red Hat build of Keycloak 26.2.13",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.4::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhbk/keycloak-operator-bundle",
              "product": "Red Hat build of Keycloak 26.4",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "26.4.9-1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.4::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhbk/keycloak-rhel9",
              "product": "Red Hat build of Keycloak 26.4",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "26.4-11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.4::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhbk/keycloak-rhel9-operator",
              "product": "Red Hat build of Keycloak 26.4",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "26.4-10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.4::el9"
              ],
              "defaultStatus": "unaffected",
              "packageName": "rhbk/keycloak-rhel9-operator",
              "product": "Red Hat build of Keycloak 26.4.9",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Joshua Rogers for reporting this issue."
            }
          ],
          "datePublic": "2026-02-09T18:24:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in Keycloak. A significant Broken Access Control vulnerability exists in the UserManagedPermissionService (UMA Protection API). When updating or deleting a UMA policy associated with multiple resources, the authorization check only verifies the caller\u0027s ownership against the first resource in the policy\u0027s list. This allows a user (Owner A) who owns one resource (RA) to update a shared policy and modify authorization rules for other resources (e.g., RB) in that same policy, even if those other resources are owned by a different user (Owner B). This constitutes a horizontal privilege escalation."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-266",
                  "description": "Incorrect Privilege Assignment",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-10T01:04:37.407Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2026:2363",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:2363"
            },
            {
              "name": "RHSA-2026:2364",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:2364"
            },
            {
              "name": "RHSA-2026:2365",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:2365"
            },
            {
              "name": "RHSA-2026:2366",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:2366"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2025-14778"
            },
            {
              "name": "RHBZ#2422600",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2422600"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-12-16T05:01:06.107Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-02-09T18:24:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Keycloak: incorrect ownership checks in /uma-policy/",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-266: Incorrect Privilege Assignment"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2025-14778",
        "datePublished": "2026-02-09T18:58:29.065Z",
        "dateReserved": "2025-12-16T05:02:19.510Z",
        "dateUpdated": "2026-02-10T01:04:37.407Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-1529 (GCVE-0-2026-1529)

    Vulnerability from cvelistv5 – Published: 2026-02-09 18:36 – Updated: 2026-06-30 12:07
    VLAI
    Title
    Org.keycloak.services.resources.organizations: keycloak: unauthorized organization registration via improper invitation token validation
    Summary
    A flaw was found in Keycloak. An attacker can exploit this vulnerability by modifying the organization ID and target email within a legitimate invitation token's JSON Web Token (JWT) payload. This lack of cryptographic signature verification allows the attacker to successfully self-register into an unauthorized organization, leading to unauthorized access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-347 - Improper Verification of Cryptographic Signature
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2026:2363 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:2364 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:2365 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:2366 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2026-1529 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2433783 issue-trackingx_refsource_REDHAT
    https://security.access.redhat.com/data/csaf/v2/v… x_sadp-csaf-vex
    Impacted products
    Vendor Product Version
    Red Hat Red Hat build of Keycloak 26.2 Unaffected: 26.2.13-1 , < * (rpm)
        cpe:/a:redhat:build_keycloak:26.2::el9
    Create a notification for this product.
    Red Hat Red Hat build of Keycloak 26.2 Unaffected: 26.2-15 , < * (rpm)
        cpe:/a:redhat:build_keycloak:26.2::el9
    Create a notification for this product.
    Red Hat Red Hat build of Keycloak 26.2.13     cpe:/a:redhat:build_keycloak:26.2::el9
    Create a notification for this product.
    Red Hat Red Hat build of Keycloak 26.4 Unaffected: 26.4.9-1 , < * (rpm)
        cpe:/a:redhat:build_keycloak:26.4::el9
    Create a notification for this product.
    Red Hat Red Hat build of Keycloak 26.4 Unaffected: 26.4-11 , < * (rpm)
        cpe:/a:redhat:build_keycloak:26.4::el9
    Create a notification for this product.
    Red Hat Red Hat build of Keycloak 26.4 Unaffected: 26.4-10 , < * (rpm)
        cpe:/a:redhat:build_keycloak:26.4::el9
    Create a notification for this product.
    Red Hat Red Hat build of Keycloak 26.4.9     cpe:/a:redhat:build_keycloak:26.4::el9
    Create a notification for this product.
    Red Hat Red Hat build of Keycloak 26.2     cpe:/a:redhat:build_keycloak:26.2::el9
    Create a notification for this product.
    Red Hat Red Hat build of Keycloak 26.4     cpe:/a:redhat:build_keycloak:26.4::el9
    Create a notification for this product.
    Date Public
    2026-02-09 18:21
    Credits
    Red Hat would like to thank Joy Gilbert (gwthr) and Reynaldo Immanuel for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-1529",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-09T20:51:02.872925Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-09T20:51:17.932Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:build_keycloak:26.2::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Keycloak 26.2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:build_keycloak:26.4::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Keycloak 26.4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:build_keycloak:26.2::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Keycloak 26.2.13",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:build_keycloak:26.4::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Keycloak 26.4.9",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-02-09T18:21:00.000Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Keycloak. An attacker can exploit this vulnerability by modifying the organization ID and target email within a legitimate invitation token\u0027s JSON Web Token (JWT) payload. This lack of cryptographic signature verification allows the attacker to successfully self-register into an unauthorized organization, leading to unauthorized access."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 8.1,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-347",
                    "description": "Improper Verification of Cryptographic Signature",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:07:08.620Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-1529"
              },
              {
                "name": "RHBZ#2433783",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433783"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1529.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:2364"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:2366"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:2363"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:2365"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:2364: Red Hat build of Keycloak 26.2"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:2366: Red Hat build of Keycloak 26.4"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:2363: Red Hat build of Keycloak 26.2.13"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:2365: Red Hat build of Keycloak 26.4.9"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-01-28T12:29:47.086Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-02-09T18:21:00.000Z",
                "value": "Made public."
              }
            ],
            "title": "org.keycloak.services.resources.organizations: Keycloak: Unauthorized organization registration via improper invitation token validation",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.2::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhbk/keycloak-operator-bundle",
              "product": "Red Hat build of Keycloak 26.2",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "26.2.13-1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.2::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhbk/keycloak-rhel9",
              "product": "Red Hat build of Keycloak 26.2",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "26.2-15",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.2::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhbk/keycloak-rhel9-operator",
              "product": "Red Hat build of Keycloak 26.2",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "26.2-15",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.2::el9"
              ],
              "defaultStatus": "unaffected",
              "packageName": "rhbk/keycloak-rhel9",
              "product": "Red Hat build of Keycloak 26.2.13",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.4::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhbk/keycloak-operator-bundle",
              "product": "Red Hat build of Keycloak 26.4",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "26.4.9-1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.4::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhbk/keycloak-rhel9",
              "product": "Red Hat build of Keycloak 26.4",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "26.4-11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.4::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhbk/keycloak-rhel9-operator",
              "product": "Red Hat build of Keycloak 26.4",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "26.4-10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:build_keycloak:26.4::el9"
              ],
              "defaultStatus": "unaffected",
              "packageName": "rhbk/keycloak-rhel9",
              "product": "Red Hat build of Keycloak 26.4.9",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Joy Gilbert (gwthr) and Reynaldo Immanuel for reporting this issue."
            }
          ],
          "datePublic": "2026-02-09T18:21:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in Keycloak. An attacker can exploit this vulnerability by modifying the organization ID and target email within a legitimate invitation token\u0027s JSON Web Token (JWT) payload. This lack of cryptographic signature verification allows the attacker to successfully self-register into an unauthorized organization, leading to unauthorized access."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-347",
                  "description": "Improper Verification of Cryptographic Signature",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-16T21:45:35.169Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2026:2363",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:2363"
            },
            {
              "name": "RHSA-2026:2364",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:2364"
            },
            {
              "name": "RHSA-2026:2365",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:2365"
            },
            {
              "name": "RHSA-2026:2366",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:2366"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2026-1529"
            },
            {
              "name": "RHBZ#2433783",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433783"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-01-28T12:29:47.086Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-02-09T18:21:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Org.keycloak.services.resources.organizations: keycloak: unauthorized organization registration via improper invitation token validation",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-347: Improper Verification of Cryptographic Signature"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2026-1529",
        "datePublished": "2026-02-09T18:36:15.077Z",
        "dateReserved": "2026-01-28T12:22:02.063Z",
        "dateUpdated": "2026-06-30T12:07:08.620Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }