RHSA-2026:6476
Vulnerability from csaf_redhat - Published: 2026-04-02 13:55 - Updated: 2026-04-02 16:39

A flaw was found in Keycloak. This issue allows an attacker, who controls another path on the same web server, to bypass the allowed path in redirect Uniform Resource Identifiers (URIs) that use a wildcard. A successful attack may lead to the theft of an access token, resulting in information disclosure.
A flaw was found in Keycloak. The SingleUseObjectProvider, a global key-value store, lacks proper type and namespace isolation. This vulnerability allows an unauthenticated attacker to forge authorization codes. Successful exploitation can lead to the creation of admin-capable access tokens, resulting in privilege escalation.
A flaw was found in Keycloak. The SingleUseObjectProvider, a global key-value store, lacks proper type and namespace isolation. This vulnerability allows an attacker to delete arbitrary single-use entries, which can enable the replay of consumed action tokens, such as password reset links. This could lead to unauthorized access or account compromise.
A flaw was found in Keycloak. An unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST request with an excessively long scope parameter to the OpenID Connect (OIDC) token endpoint. This leads to high resource consumption and prolonged processing times, ultimately resulting in a Denial of Service (DoS) for the Keycloak server.
A flaw was found in Keycloak. An authenticated user with the uma_protection role can bypass User-Managed Access (UMA) policy validation. This allows the attacker to include resource identifiers owned by other users in a policy creation request, even if the URL path specifies an attacker-owned resource. Consequently, the attacker gains unauthorized permissions to victim-owned resources, enabling them to obtain a Requesting Party Token (RPT) and access sensitive information or perform unauthorized actions.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "New images are available for Red Hat build of Keycloak 26.2.15 and Red Hat build of Keycloak 26.2.15 Operator, running on OpenShift Container Platform",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat build of Keycloak is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat build of Keycloak for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also manage user accounts for web applications, mobile applications, and RESTful web services.\nRed Hat build of Keycloak Operator for OpenShift simplifies deployment and management of Keycloak 26.2.15 clusters.\n\nThis erratum releases new images for Red Hat build of Keycloak 26.2.15 for use within the OpenShift Container Platform cloud computing Platform-as-a-Service (PaaS) for on-premise or private cloud deployments, aligning with the standalone product release.\n\nSecurity fixes:\n* Information disclosure due to redirect_uri validation bypass (CVE-2026-3872)\n* Replay of action tokens via improper handling of single-use entries (CVE-2026-4325)\n* UMA policy bypass allows authenticated users to gain unauthorized access to victim-owned resources ( CVE-2026-4636)\n* Privilege escalation via forged authorization codes due to SingleUseObjectProvider isolation flaw (CVE-2026-4282)\n* Denial of Service via excessive processing of OpenID Connect scope parameters (CVE-2026-4634)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:6476",
"url": "https://access.redhat.com/errata/RHSA-2026:6476"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_6476.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Keycloak 26.2.15 Images Update",
"tracking": {
"current_release_date": "2026-04-02T16:39:24+00:00",
"generator": {
"date": "2026-04-02T16:39:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2026:6476",
"initial_release_date": "2026-04-02T13:55:29+00:00",
"revision_history": [
{
"date": "2026-04-02T13:55:29+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-02T13:55:29+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-02T16:39:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat build of Keycloak 26.2",
"product": {
"name": "Red Hat build of Keycloak 26.2",
"product_id": "9Base-RHBK-26.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:build_keycloak:26.2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat build of Keycloak"
},
{
"branches": [
{
"category": "product_version",
"name": "rhbk/keycloak-rhel9@sha256:b3fe3f4c74e96a2daf735fe5e8df98b2fa6f023cfda0c7cd4915a83556e14efb_amd64",
"product": {
"name": "rhbk/keycloak-rhel9@sha256:b3fe3f4c74e96a2daf735fe5e8df98b2fa6f023cfda0c7cd4915a83556e14efb_amd64",
"product_id": "rhbk/keycloak-rhel9@sha256:b3fe3f4c74e96a2daf735fe5e8df98b2fa6f023cfda0c7cd4915a83556e14efb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/keycloak-rhel9@sha256:b3fe3f4c74e96a2daf735fe5e8df98b2fa6f023cfda0c7cd4915a83556e14efb?arch=amd64\u0026repository_url=registry.redhat.io/rhbk/keycloak-rhel9\u0026tag=26.2-18"
}
}
},
{
"category": "product_version",
"name": "rhbk/keycloak-operator-bundle@sha256:d80f27078e17321d4b194820a9c325c47b8cc3e431ac37c84a6c5b2b52b009e6_amd64",
"product": {
"name": "rhbk/keycloak-operator-bundle@sha256:d80f27078e17321d4b194820a9c325c47b8cc3e431ac37c84a6c5b2b52b009e6_amd64",
"product_id": "rhbk/keycloak-operator-bundle@sha256:d80f27078e17321d4b194820a9c325c47b8cc3e431ac37c84a6c5b2b52b009e6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/keycloak-operator-bundle@sha256:d80f27078e17321d4b194820a9c325c47b8cc3e431ac37c84a6c5b2b52b009e6?arch=amd64\u0026repository_url=registry.redhat.io/rhbk/keycloak-operator-bundle\u0026tag=26.2.15-1"
}
}
},
{
"category": "product_version",
"name": "rhbk/keycloak-rhel9-operator@sha256:31378e237970d0c5c483ec2dd3de6a39adfb7cdfe13c5d106be39088859271e6_amd64",
"product": {
"name": "rhbk/keycloak-rhel9-operator@sha256:31378e237970d0c5c483ec2dd3de6a39adfb7cdfe13c5d106be39088859271e6_amd64",
"product_id": "rhbk/keycloak-rhel9-operator@sha256:31378e237970d0c5c483ec2dd3de6a39adfb7cdfe13c5d106be39088859271e6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/keycloak-rhel9-operator@sha256:31378e237970d0c5c483ec2dd3de6a39adfb7cdfe13c5d106be39088859271e6?arch=amd64\u0026repository_url=registry.redhat.io/rhbk/keycloak-rhel9-operator\u0026tag=26.2-18"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhbk/keycloak-rhel9@sha256:4065d584a57daa2aa2259afa19844f6308e2f6a252b08738c809002cc84aa606_s390x",
"product": {
"name": "rhbk/keycloak-rhel9@sha256:4065d584a57daa2aa2259afa19844f6308e2f6a252b08738c809002cc84aa606_s390x",
"product_id": "rhbk/keycloak-rhel9@sha256:4065d584a57daa2aa2259afa19844f6308e2f6a252b08738c809002cc84aa606_s390x",
"product_identification_helper": {
"purl": "pkg:oci/keycloak-rhel9@sha256:4065d584a57daa2aa2259afa19844f6308e2f6a252b08738c809002cc84aa606?arch=s390x\u0026repository_url=registry.redhat.io/rhbk/keycloak-rhel9\u0026tag=26.2-18"
}
}
},
{
"category": "product_version",
"name": "rhbk/keycloak-rhel9-operator@sha256:6c0c1d05bb893e1d598ffc5e953f1287d36e78f6b1938c430e0bc19e22343ae4_s390x",
"product": {
"name": "rhbk/keycloak-rhel9-operator@sha256:6c0c1d05bb893e1d598ffc5e953f1287d36e78f6b1938c430e0bc19e22343ae4_s390x",
"product_id": "rhbk/keycloak-rhel9-operator@sha256:6c0c1d05bb893e1d598ffc5e953f1287d36e78f6b1938c430e0bc19e22343ae4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/keycloak-rhel9-operator@sha256:6c0c1d05bb893e1d598ffc5e953f1287d36e78f6b1938c430e0bc19e22343ae4?arch=s390x\u0026repository_url=registry.redhat.io/rhbk/keycloak-rhel9-operator\u0026tag=26.2-18"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rhbk/keycloak-rhel9@sha256:4c4f3e098f715efc174a4a01803b7133ca7c2b744ea4b8151c7edcae608d9531_ppc64le",
"product": {
"name": "rhbk/keycloak-rhel9@sha256:4c4f3e098f715efc174a4a01803b7133ca7c2b744ea4b8151c7edcae608d9531_ppc64le",
"product_id": "rhbk/keycloak-rhel9@sha256:4c4f3e098f715efc174a4a01803b7133ca7c2b744ea4b8151c7edcae608d9531_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/keycloak-rhel9@sha256:4c4f3e098f715efc174a4a01803b7133ca7c2b744ea4b8151c7edcae608d9531?arch=ppc64le\u0026repository_url=registry.redhat.io/rhbk/keycloak-rhel9\u0026tag=26.2-18"
}
}
},
{
"category": "product_version",
"name": "rhbk/keycloak-rhel9-operator@sha256:47fa46896eda2f3c51657f6bc9a024d63f3d306f4726ead3fa46ef5796696e07_ppc64le",
"product": {
"name": "rhbk/keycloak-rhel9-operator@sha256:47fa46896eda2f3c51657f6bc9a024d63f3d306f4726ead3fa46ef5796696e07_ppc64le",
"product_id": "rhbk/keycloak-rhel9-operator@sha256:47fa46896eda2f3c51657f6bc9a024d63f3d306f4726ead3fa46ef5796696e07_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/keycloak-rhel9-operator@sha256:47fa46896eda2f3c51657f6bc9a024d63f3d306f4726ead3fa46ef5796696e07?arch=ppc64le\u0026repository_url=registry.redhat.io/rhbk/keycloak-rhel9-operator\u0026tag=26.2-18"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rhbk/keycloak-rhel9@sha256:10b97dd8e38ce50457a121e53d53472877cc3aa185e7c4b23da191c00e914af2_arm64",
"product": {
"name": "rhbk/keycloak-rhel9@sha256:10b97dd8e38ce50457a121e53d53472877cc3aa185e7c4b23da191c00e914af2_arm64",
"product_id": "rhbk/keycloak-rhel9@sha256:10b97dd8e38ce50457a121e53d53472877cc3aa185e7c4b23da191c00e914af2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/keycloak-rhel9@sha256:10b97dd8e38ce50457a121e53d53472877cc3aa185e7c4b23da191c00e914af2?arch=arm64\u0026repository_url=registry.redhat.io/rhbk/keycloak-rhel9\u0026tag=26.2-18"
}
}
},
{
"category": "product_version",
"name": "rhbk/keycloak-rhel9-operator@sha256:1880e406eab1303dd1faa08694ff2cb33901e1e69272a2f9cdf5f5af6941bd84_arm64",
"product": {
"name": "rhbk/keycloak-rhel9-operator@sha256:1880e406eab1303dd1faa08694ff2cb33901e1e69272a2f9cdf5f5af6941bd84_arm64",
"product_id": "rhbk/keycloak-rhel9-operator@sha256:1880e406eab1303dd1faa08694ff2cb33901e1e69272a2f9cdf5f5af6941bd84_arm64",
"product_identification_helper": {
"purl": "pkg:oci/keycloak-rhel9-operator@sha256:1880e406eab1303dd1faa08694ff2cb33901e1e69272a2f9cdf5f5af6941bd84?arch=arm64\u0026repository_url=registry.redhat.io/rhbk/keycloak-rhel9-operator\u0026tag=26.2-18"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhbk/keycloak-operator-bundle@sha256:d80f27078e17321d4b194820a9c325c47b8cc3e431ac37c84a6c5b2b52b009e6_amd64 as a component of Red Hat build of Keycloak 26.2",
"product_id": "9Base-RHBK-26.2:rhbk/keycloak-operator-bundle@sha256:d80f27078e17321d4b194820a9c325c47b8cc3e431ac37c84a6c5b2b52b009e6_amd64"
},
"product_reference": "rhbk/keycloak-operator-bundle@sha256:d80f27078e17321d4b194820a9c325c47b8cc3e431ac37c84a6c5b2b52b009e6_amd64",
"relates_to_product_reference": "9Base-RHBK-26.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhbk/keycloak-rhel9-operator@sha256:1880e406eab1303dd1faa08694ff2cb33901e1e69272a2f9cdf5f5af6941bd84_arm64 as a component of Red Hat build of Keycloak 26.2",
"product_id": "9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:1880e406eab1303dd1faa08694ff2cb33901e1e69272a2f9cdf5f5af6941bd84_arm64"
},
"product_reference": "rhbk/keycloak-rhel9-operator@sha256:1880e406eab1303dd1faa08694ff2cb33901e1e69272a2f9cdf5f5af6941bd84_arm64",
"relates_to_product_reference": "9Base-RHBK-26.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhbk/keycloak-rhel9-operator@sha256:31378e237970d0c5c483ec2dd3de6a39adfb7cdfe13c5d106be39088859271e6_amd64 as a component of Red Hat build of Keycloak 26.2",
"product_id": "9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:31378e237970d0c5c483ec2dd3de6a39adfb7cdfe13c5d106be39088859271e6_amd64"
},
"product_reference": "rhbk/keycloak-rhel9-operator@sha256:31378e237970d0c5c483ec2dd3de6a39adfb7cdfe13c5d106be39088859271e6_amd64",
"relates_to_product_reference": "9Base-RHBK-26.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhbk/keycloak-rhel9-operator@sha256:47fa46896eda2f3c51657f6bc9a024d63f3d306f4726ead3fa46ef5796696e07_ppc64le as a component of Red Hat build of Keycloak 26.2",
"product_id": "9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:47fa46896eda2f3c51657f6bc9a024d63f3d306f4726ead3fa46ef5796696e07_ppc64le"
},
"product_reference": "rhbk/keycloak-rhel9-operator@sha256:47fa46896eda2f3c51657f6bc9a024d63f3d306f4726ead3fa46ef5796696e07_ppc64le",
"relates_to_product_reference": "9Base-RHBK-26.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhbk/keycloak-rhel9-operator@sha256:6c0c1d05bb893e1d598ffc5e953f1287d36e78f6b1938c430e0bc19e22343ae4_s390x as a component of Red Hat build of Keycloak 26.2",
"product_id": "9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:6c0c1d05bb893e1d598ffc5e953f1287d36e78f6b1938c430e0bc19e22343ae4_s390x"
},
"product_reference": "rhbk/keycloak-rhel9-operator@sha256:6c0c1d05bb893e1d598ffc5e953f1287d36e78f6b1938c430e0bc19e22343ae4_s390x",
"relates_to_product_reference": "9Base-RHBK-26.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhbk/keycloak-rhel9@sha256:10b97dd8e38ce50457a121e53d53472877cc3aa185e7c4b23da191c00e914af2_arm64 as a component of Red Hat build of Keycloak 26.2",
"product_id": "9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:10b97dd8e38ce50457a121e53d53472877cc3aa185e7c4b23da191c00e914af2_arm64"
},
"product_reference": "rhbk/keycloak-rhel9@sha256:10b97dd8e38ce50457a121e53d53472877cc3aa185e7c4b23da191c00e914af2_arm64",
"relates_to_product_reference": "9Base-RHBK-26.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhbk/keycloak-rhel9@sha256:4065d584a57daa2aa2259afa19844f6308e2f6a252b08738c809002cc84aa606_s390x as a component of Red Hat build of Keycloak 26.2",
"product_id": "9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4065d584a57daa2aa2259afa19844f6308e2f6a252b08738c809002cc84aa606_s390x"
},
"product_reference": "rhbk/keycloak-rhel9@sha256:4065d584a57daa2aa2259afa19844f6308e2f6a252b08738c809002cc84aa606_s390x",
"relates_to_product_reference": "9Base-RHBK-26.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhbk/keycloak-rhel9@sha256:4c4f3e098f715efc174a4a01803b7133ca7c2b744ea4b8151c7edcae608d9531_ppc64le as a component of Red Hat build of Keycloak 26.2",
"product_id": "9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4c4f3e098f715efc174a4a01803b7133ca7c2b744ea4b8151c7edcae608d9531_ppc64le"
},
"product_reference": "rhbk/keycloak-rhel9@sha256:4c4f3e098f715efc174a4a01803b7133ca7c2b744ea4b8151c7edcae608d9531_ppc64le",
"relates_to_product_reference": "9Base-RHBK-26.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhbk/keycloak-rhel9@sha256:b3fe3f4c74e96a2daf735fe5e8df98b2fa6f023cfda0c7cd4915a83556e14efb_amd64 as a component of Red Hat build of Keycloak 26.2",
"product_id": "9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:b3fe3f4c74e96a2daf735fe5e8df98b2fa6f023cfda0c7cd4915a83556e14efb_amd64"
},
"product_reference": "rhbk/keycloak-rhel9@sha256:b3fe3f4c74e96a2daf735fe5e8df98b2fa6f023cfda0c7cd4915a83556e14efb_amd64",
"relates_to_product_reference": "9Base-RHBK-26.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-3872",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2026-03-10T09:16:29.034000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445988"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak. This issue allows an attacker, who controls another path on the same web server, to bypass the allowed path in redirect Uniform Resource Identifiers (URIs) that use a wildcard. A successful attack may lead to the theft of an access token, resulting in information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Keycloak: Information disclosure due to redirect_uri validation bypass",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important information disclosure flaw in Keycloak\u0027s `redirect_uri` validation logic. An attacker controlling another path on the same web server could bypass allowed paths in wildcard `redirect_uri` configurations, potentially leading to access token theft. This affects Red Hat Build of Keycloak (RHBK) versions rhbk-26.2 and rhbk-26.4. Red Hat Build of Keycloak (RHBK) version rhbk-26 is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHBK-26.2:rhbk/keycloak-operator-bundle@sha256:d80f27078e17321d4b194820a9c325c47b8cc3e431ac37c84a6c5b2b52b009e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:1880e406eab1303dd1faa08694ff2cb33901e1e69272a2f9cdf5f5af6941bd84_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:31378e237970d0c5c483ec2dd3de6a39adfb7cdfe13c5d106be39088859271e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:47fa46896eda2f3c51657f6bc9a024d63f3d306f4726ead3fa46ef5796696e07_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:6c0c1d05bb893e1d598ffc5e953f1287d36e78f6b1938c430e0bc19e22343ae4_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:10b97dd8e38ce50457a121e53d53472877cc3aa185e7c4b23da191c00e914af2_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4065d584a57daa2aa2259afa19844f6308e2f6a252b08738c809002cc84aa606_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4c4f3e098f715efc174a4a01803b7133ca7c2b744ea4b8151c7edcae608d9531_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:b3fe3f4c74e96a2daf735fe5e8df98b2fa6f023cfda0c7cd4915a83556e14efb_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-3872"
},
{
"category": "external",
"summary": "RHBZ#2445988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445988"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-3872",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3872"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-3872",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3872"
}
],
"release_date": "2026-04-02T12:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-02T13:55:29+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.",
"product_ids": [
"9Base-RHBK-26.2:rhbk/keycloak-operator-bundle@sha256:d80f27078e17321d4b194820a9c325c47b8cc3e431ac37c84a6c5b2b52b009e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:1880e406eab1303dd1faa08694ff2cb33901e1e69272a2f9cdf5f5af6941bd84_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:31378e237970d0c5c483ec2dd3de6a39adfb7cdfe13c5d106be39088859271e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:47fa46896eda2f3c51657f6bc9a024d63f3d306f4726ead3fa46ef5796696e07_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:6c0c1d05bb893e1d598ffc5e953f1287d36e78f6b1938c430e0bc19e22343ae4_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:10b97dd8e38ce50457a121e53d53472877cc3aa185e7c4b23da191c00e914af2_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4065d584a57daa2aa2259afa19844f6308e2f6a252b08738c809002cc84aa606_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4c4f3e098f715efc174a4a01803b7133ca7c2b744ea4b8151c7edcae608d9531_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:b3fe3f4c74e96a2daf735fe5e8df98b2fa6f023cfda0c7cd4915a83556e14efb_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6476"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, avoid using wildcards in `redirect_uri` configurations within Keycloak. Restricting `redirect_uri` to explicit, fully qualified URIs prevents the bypass of validation logic. This configuration change may require a service restart or reload to take effect.",
"product_ids": [
"9Base-RHBK-26.2:rhbk/keycloak-operator-bundle@sha256:d80f27078e17321d4b194820a9c325c47b8cc3e431ac37c84a6c5b2b52b009e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:1880e406eab1303dd1faa08694ff2cb33901e1e69272a2f9cdf5f5af6941bd84_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:31378e237970d0c5c483ec2dd3de6a39adfb7cdfe13c5d106be39088859271e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:47fa46896eda2f3c51657f6bc9a024d63f3d306f4726ead3fa46ef5796696e07_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:6c0c1d05bb893e1d598ffc5e953f1287d36e78f6b1938c430e0bc19e22343ae4_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:10b97dd8e38ce50457a121e53d53472877cc3aa185e7c4b23da191c00e914af2_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4065d584a57daa2aa2259afa19844f6308e2f6a252b08738c809002cc84aa606_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4c4f3e098f715efc174a4a01803b7133ca7c2b744ea4b8151c7edcae608d9531_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:b3fe3f4c74e96a2daf735fe5e8df98b2fa6f023cfda0c7cd4915a83556e14efb_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHBK-26.2:rhbk/keycloak-operator-bundle@sha256:d80f27078e17321d4b194820a9c325c47b8cc3e431ac37c84a6c5b2b52b009e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:1880e406eab1303dd1faa08694ff2cb33901e1e69272a2f9cdf5f5af6941bd84_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:31378e237970d0c5c483ec2dd3de6a39adfb7cdfe13c5d106be39088859271e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:47fa46896eda2f3c51657f6bc9a024d63f3d306f4726ead3fa46ef5796696e07_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:6c0c1d05bb893e1d598ffc5e953f1287d36e78f6b1938c430e0bc19e22343ae4_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:10b97dd8e38ce50457a121e53d53472877cc3aa185e7c4b23da191c00e914af2_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4065d584a57daa2aa2259afa19844f6308e2f6a252b08738c809002cc84aa606_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4c4f3e098f715efc174a4a01803b7133ca7c2b744ea4b8151c7edcae608d9531_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:b3fe3f4c74e96a2daf735fe5e8df98b2fa6f023cfda0c7cd4915a83556e14efb_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak: Keycloak: Information disclosure due to redirect_uri validation bypass"
},
{
"cve": "CVE-2026-4282",
"cwe": {
"id": "CWE-653",
"name": "Improper Isolation or Compartmentalization"
},
"discovery_date": "2026-03-16T15:53:57.767000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448061"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak. The SingleUseObjectProvider, a global key-value store, lacks proper type and namespace isolation. This vulnerability allows an unauthenticated attacker to forge authorization codes. Successful exploitation can lead to the creation of admin-capable access tokens, resulting in privilege escalation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Keycloak: Privilege escalation via forged authorization codes due to SingleUseObjectProvider isolation flaw",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an IMPORTANT vulnerability in Keycloak. An unauthenticated attacker can exploit a lack of type and namespace isolation in Keycloak\u0027s SingleUseObjectProvider to forge authorization codes and obtain admin-capable access tokens. This could lead to unauthorized administrative access within affected Keycloak deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHBK-26.2:rhbk/keycloak-operator-bundle@sha256:d80f27078e17321d4b194820a9c325c47b8cc3e431ac37c84a6c5b2b52b009e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:1880e406eab1303dd1faa08694ff2cb33901e1e69272a2f9cdf5f5af6941bd84_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:31378e237970d0c5c483ec2dd3de6a39adfb7cdfe13c5d106be39088859271e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:47fa46896eda2f3c51657f6bc9a024d63f3d306f4726ead3fa46ef5796696e07_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:6c0c1d05bb893e1d598ffc5e953f1287d36e78f6b1938c430e0bc19e22343ae4_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:10b97dd8e38ce50457a121e53d53472877cc3aa185e7c4b23da191c00e914af2_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4065d584a57daa2aa2259afa19844f6308e2f6a252b08738c809002cc84aa606_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4c4f3e098f715efc174a4a01803b7133ca7c2b744ea4b8151c7edcae608d9531_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:b3fe3f4c74e96a2daf735fe5e8df98b2fa6f023cfda0c7cd4915a83556e14efb_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4282"
},
{
"category": "external",
"summary": "RHBZ#2448061",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448061"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4282"
}
],
"release_date": "2026-04-02T12:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-02T13:55:29+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.",
"product_ids": [
"9Base-RHBK-26.2:rhbk/keycloak-operator-bundle@sha256:d80f27078e17321d4b194820a9c325c47b8cc3e431ac37c84a6c5b2b52b009e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:1880e406eab1303dd1faa08694ff2cb33901e1e69272a2f9cdf5f5af6941bd84_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:31378e237970d0c5c483ec2dd3de6a39adfb7cdfe13c5d106be39088859271e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:47fa46896eda2f3c51657f6bc9a024d63f3d306f4726ead3fa46ef5796696e07_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:6c0c1d05bb893e1d598ffc5e953f1287d36e78f6b1938c430e0bc19e22343ae4_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:10b97dd8e38ce50457a121e53d53472877cc3aa185e7c4b23da191c00e914af2_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4065d584a57daa2aa2259afa19844f6308e2f6a252b08738c809002cc84aa606_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4c4f3e098f715efc174a4a01803b7133ca7c2b744ea4b8151c7edcae608d9531_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:b3fe3f4c74e96a2daf735fe5e8df98b2fa6f023cfda0c7cd4915a83556e14efb_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6476"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"9Base-RHBK-26.2:rhbk/keycloak-operator-bundle@sha256:d80f27078e17321d4b194820a9c325c47b8cc3e431ac37c84a6c5b2b52b009e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:1880e406eab1303dd1faa08694ff2cb33901e1e69272a2f9cdf5f5af6941bd84_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:31378e237970d0c5c483ec2dd3de6a39adfb7cdfe13c5d106be39088859271e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:47fa46896eda2f3c51657f6bc9a024d63f3d306f4726ead3fa46ef5796696e07_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:6c0c1d05bb893e1d598ffc5e953f1287d36e78f6b1938c430e0bc19e22343ae4_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:10b97dd8e38ce50457a121e53d53472877cc3aa185e7c4b23da191c00e914af2_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4065d584a57daa2aa2259afa19844f6308e2f6a252b08738c809002cc84aa606_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4c4f3e098f715efc174a4a01803b7133ca7c2b744ea4b8151c7edcae608d9531_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:b3fe3f4c74e96a2daf735fe5e8df98b2fa6f023cfda0c7cd4915a83556e14efb_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHBK-26.2:rhbk/keycloak-operator-bundle@sha256:d80f27078e17321d4b194820a9c325c47b8cc3e431ac37c84a6c5b2b52b009e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:1880e406eab1303dd1faa08694ff2cb33901e1e69272a2f9cdf5f5af6941bd84_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:31378e237970d0c5c483ec2dd3de6a39adfb7cdfe13c5d106be39088859271e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:47fa46896eda2f3c51657f6bc9a024d63f3d306f4726ead3fa46ef5796696e07_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:6c0c1d05bb893e1d598ffc5e953f1287d36e78f6b1938c430e0bc19e22343ae4_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:10b97dd8e38ce50457a121e53d53472877cc3aa185e7c4b23da191c00e914af2_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4065d584a57daa2aa2259afa19844f6308e2f6a252b08738c809002cc84aa606_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4c4f3e098f715efc174a4a01803b7133ca7c2b744ea4b8151c7edcae608d9531_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:b3fe3f4c74e96a2daf735fe5e8df98b2fa6f023cfda0c7cd4915a83556e14efb_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak: Keycloak: Privilege escalation via forged authorization codes due to SingleUseObjectProvider isolation flaw"
},
{
"acknowledgments": [
{
"names": [
"Ng\u1ecdc Chung Kim"
]
}
],
"cve": "CVE-2026-4325",
"cwe": {
"id": "CWE-653",
"name": "Improper Isolation or Compartmentalization"
},
"discovery_date": "2026-03-17T12:43:09.194000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448351"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak. The SingleUseObjectProvider, a global key-value store, lacks proper type and namespace isolation. This vulnerability allows an attacker to delete arbitrary single-use entries, which can enable the replay of consumed action tokens, such as password reset links. This could lead to unauthorized access or account compromise.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Keycloak: Replay of action tokens via improper handling of single-use entries",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw in Keycloak\u0027s SingleUseObjectProvider has a MODERATE impact. It allows an attacker to delete arbitrary single-use entries, which could lead to the replay of consumed action tokens such as password reset links. Exploitation requires high attack complexity and user interaction.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHBK-26.2:rhbk/keycloak-operator-bundle@sha256:d80f27078e17321d4b194820a9c325c47b8cc3e431ac37c84a6c5b2b52b009e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:1880e406eab1303dd1faa08694ff2cb33901e1e69272a2f9cdf5f5af6941bd84_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:31378e237970d0c5c483ec2dd3de6a39adfb7cdfe13c5d106be39088859271e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:47fa46896eda2f3c51657f6bc9a024d63f3d306f4726ead3fa46ef5796696e07_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:6c0c1d05bb893e1d598ffc5e953f1287d36e78f6b1938c430e0bc19e22343ae4_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:10b97dd8e38ce50457a121e53d53472877cc3aa185e7c4b23da191c00e914af2_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4065d584a57daa2aa2259afa19844f6308e2f6a252b08738c809002cc84aa606_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4c4f3e098f715efc174a4a01803b7133ca7c2b744ea4b8151c7edcae608d9531_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:b3fe3f4c74e96a2daf735fe5e8df98b2fa6f023cfda0c7cd4915a83556e14efb_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4325"
},
{
"category": "external",
"summary": "RHBZ#2448351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448351"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4325",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4325"
}
],
"release_date": "2026-04-02T12:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-02T13:55:29+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.",
"product_ids": [
"9Base-RHBK-26.2:rhbk/keycloak-operator-bundle@sha256:d80f27078e17321d4b194820a9c325c47b8cc3e431ac37c84a6c5b2b52b009e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:1880e406eab1303dd1faa08694ff2cb33901e1e69272a2f9cdf5f5af6941bd84_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:31378e237970d0c5c483ec2dd3de6a39adfb7cdfe13c5d106be39088859271e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:47fa46896eda2f3c51657f6bc9a024d63f3d306f4726ead3fa46ef5796696e07_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:6c0c1d05bb893e1d598ffc5e953f1287d36e78f6b1938c430e0bc19e22343ae4_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:10b97dd8e38ce50457a121e53d53472877cc3aa185e7c4b23da191c00e914af2_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4065d584a57daa2aa2259afa19844f6308e2f6a252b08738c809002cc84aa606_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4c4f3e098f715efc174a4a01803b7133ca7c2b744ea4b8151c7edcae608d9531_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:b3fe3f4c74e96a2daf735fe5e8df98b2fa6f023cfda0c7cd4915a83556e14efb_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6476"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"9Base-RHBK-26.2:rhbk/keycloak-operator-bundle@sha256:d80f27078e17321d4b194820a9c325c47b8cc3e431ac37c84a6c5b2b52b009e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:1880e406eab1303dd1faa08694ff2cb33901e1e69272a2f9cdf5f5af6941bd84_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:31378e237970d0c5c483ec2dd3de6a39adfb7cdfe13c5d106be39088859271e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:47fa46896eda2f3c51657f6bc9a024d63f3d306f4726ead3fa46ef5796696e07_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:6c0c1d05bb893e1d598ffc5e953f1287d36e78f6b1938c430e0bc19e22343ae4_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:10b97dd8e38ce50457a121e53d53472877cc3aa185e7c4b23da191c00e914af2_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4065d584a57daa2aa2259afa19844f6308e2f6a252b08738c809002cc84aa606_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4c4f3e098f715efc174a4a01803b7133ca7c2b744ea4b8151c7edcae608d9531_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:b3fe3f4c74e96a2daf735fe5e8df98b2fa6f023cfda0c7cd4915a83556e14efb_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHBK-26.2:rhbk/keycloak-operator-bundle@sha256:d80f27078e17321d4b194820a9c325c47b8cc3e431ac37c84a6c5b2b52b009e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:1880e406eab1303dd1faa08694ff2cb33901e1e69272a2f9cdf5f5af6941bd84_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:31378e237970d0c5c483ec2dd3de6a39adfb7cdfe13c5d106be39088859271e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:47fa46896eda2f3c51657f6bc9a024d63f3d306f4726ead3fa46ef5796696e07_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:6c0c1d05bb893e1d598ffc5e953f1287d36e78f6b1938c430e0bc19e22343ae4_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:10b97dd8e38ce50457a121e53d53472877cc3aa185e7c4b23da191c00e914af2_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4065d584a57daa2aa2259afa19844f6308e2f6a252b08738c809002cc84aa606_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4c4f3e098f715efc174a4a01803b7133ca7c2b744ea4b8151c7edcae608d9531_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:b3fe3f4c74e96a2daf735fe5e8df98b2fa6f023cfda0c7cd4915a83556e14efb_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: Keycloak: Replay of action tokens via improper handling of single-use entries"
},
{
"acknowledgments": [
{
"names": [
"Slvrqn"
]
}
],
"cve": "CVE-2026-4634",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-03-23T08:40:02.817000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2450250"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak. An unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST request with an excessively long scope parameter to the OpenID Connect (OIDC) token endpoint. This leads to high resource consumption and prolonged processing times, ultimately resulting in a Denial of Service (DoS) for the Keycloak server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Keycloak: Denial of Service via excessive processing of OpenID Connect scope parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in Red Hat Build of Keycloak (RHBK). An unauthenticated attacker can exploit this flaw by sending a specially crafted POST request with an excessively long scope parameter to the OpenID Connect token endpoint, leading to high resource consumption and prolonged processing times on the Keycloak server.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHBK-26.2:rhbk/keycloak-operator-bundle@sha256:d80f27078e17321d4b194820a9c325c47b8cc3e431ac37c84a6c5b2b52b009e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:1880e406eab1303dd1faa08694ff2cb33901e1e69272a2f9cdf5f5af6941bd84_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:31378e237970d0c5c483ec2dd3de6a39adfb7cdfe13c5d106be39088859271e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:47fa46896eda2f3c51657f6bc9a024d63f3d306f4726ead3fa46ef5796696e07_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:6c0c1d05bb893e1d598ffc5e953f1287d36e78f6b1938c430e0bc19e22343ae4_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:10b97dd8e38ce50457a121e53d53472877cc3aa185e7c4b23da191c00e914af2_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4065d584a57daa2aa2259afa19844f6308e2f6a252b08738c809002cc84aa606_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4c4f3e098f715efc174a4a01803b7133ca7c2b744ea4b8151c7edcae608d9531_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:b3fe3f4c74e96a2daf735fe5e8df98b2fa6f023cfda0c7cd4915a83556e14efb_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4634"
},
{
"category": "external",
"summary": "RHBZ#2450250",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450250"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4634",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4634"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4634",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4634"
}
],
"release_date": "2026-04-02T12:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-02T13:55:29+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.",
"product_ids": [
"9Base-RHBK-26.2:rhbk/keycloak-operator-bundle@sha256:d80f27078e17321d4b194820a9c325c47b8cc3e431ac37c84a6c5b2b52b009e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:1880e406eab1303dd1faa08694ff2cb33901e1e69272a2f9cdf5f5af6941bd84_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:31378e237970d0c5c483ec2dd3de6a39adfb7cdfe13c5d106be39088859271e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:47fa46896eda2f3c51657f6bc9a024d63f3d306f4726ead3fa46ef5796696e07_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:6c0c1d05bb893e1d598ffc5e953f1287d36e78f6b1938c430e0bc19e22343ae4_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:10b97dd8e38ce50457a121e53d53472877cc3aa185e7c4b23da191c00e914af2_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4065d584a57daa2aa2259afa19844f6308e2f6a252b08738c809002cc84aa606_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4c4f3e098f715efc174a4a01803b7133ca7c2b744ea4b8151c7edcae608d9531_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:b3fe3f4c74e96a2daf735fe5e8df98b2fa6f023cfda0c7cd4915a83556e14efb_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6476"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"9Base-RHBK-26.2:rhbk/keycloak-operator-bundle@sha256:d80f27078e17321d4b194820a9c325c47b8cc3e431ac37c84a6c5b2b52b009e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:1880e406eab1303dd1faa08694ff2cb33901e1e69272a2f9cdf5f5af6941bd84_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:31378e237970d0c5c483ec2dd3de6a39adfb7cdfe13c5d106be39088859271e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:47fa46896eda2f3c51657f6bc9a024d63f3d306f4726ead3fa46ef5796696e07_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:6c0c1d05bb893e1d598ffc5e953f1287d36e78f6b1938c430e0bc19e22343ae4_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:10b97dd8e38ce50457a121e53d53472877cc3aa185e7c4b23da191c00e914af2_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4065d584a57daa2aa2259afa19844f6308e2f6a252b08738c809002cc84aa606_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4c4f3e098f715efc174a4a01803b7133ca7c2b744ea4b8151c7edcae608d9531_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:b3fe3f4c74e96a2daf735fe5e8df98b2fa6f023cfda0c7cd4915a83556e14efb_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHBK-26.2:rhbk/keycloak-operator-bundle@sha256:d80f27078e17321d4b194820a9c325c47b8cc3e431ac37c84a6c5b2b52b009e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:1880e406eab1303dd1faa08694ff2cb33901e1e69272a2f9cdf5f5af6941bd84_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:31378e237970d0c5c483ec2dd3de6a39adfb7cdfe13c5d106be39088859271e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:47fa46896eda2f3c51657f6bc9a024d63f3d306f4726ead3fa46ef5796696e07_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:6c0c1d05bb893e1d598ffc5e953f1287d36e78f6b1938c430e0bc19e22343ae4_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:10b97dd8e38ce50457a121e53d53472877cc3aa185e7c4b23da191c00e914af2_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4065d584a57daa2aa2259afa19844f6308e2f6a252b08738c809002cc84aa606_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4c4f3e098f715efc174a4a01803b7133ca7c2b744ea4b8151c7edcae608d9531_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:b3fe3f4c74e96a2daf735fe5e8df98b2fa6f023cfda0c7cd4915a83556e14efb_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak: Keycloak: Denial of Service via excessive processing of OpenID Connect scope parameters"
},
{
"cve": "CVE-2026-4636",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-23T08:15:12.427000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2450251"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak. An authenticated user with the uma_protection role can bypass User-Managed Access (UMA) policy validation. This allows the attacker to include resource identifiers owned by other users in a policy creation request, even if the URL path specifies an attacker-owned resource. Consequently, the attacker gains unauthorized permissions to victim-owned resources, enabling them to obtain a Requesting Party Token (RPT) and access sensitive information or perform unauthorized actions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Keycloak: UMA policy bypass allows authenticated users to gain unauthorized access to victim-owned resources.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important vulnerability in Keycloak allows an authenticated user with the `uma_protection` role to bypass User-Managed Access (UMA) policy validation. Exploitation requires that victim users have created UMA-protected resources with `ownerManagedAccess` enabled and that authorization services are enabled on the client. This flaw enables an attacker to gain unauthorized permissions to victim-owned resources within Red Hat Build of Keycloak.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHBK-26.2:rhbk/keycloak-operator-bundle@sha256:d80f27078e17321d4b194820a9c325c47b8cc3e431ac37c84a6c5b2b52b009e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:1880e406eab1303dd1faa08694ff2cb33901e1e69272a2f9cdf5f5af6941bd84_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:31378e237970d0c5c483ec2dd3de6a39adfb7cdfe13c5d106be39088859271e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:47fa46896eda2f3c51657f6bc9a024d63f3d306f4726ead3fa46ef5796696e07_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:6c0c1d05bb893e1d598ffc5e953f1287d36e78f6b1938c430e0bc19e22343ae4_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:10b97dd8e38ce50457a121e53d53472877cc3aa185e7c4b23da191c00e914af2_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4065d584a57daa2aa2259afa19844f6308e2f6a252b08738c809002cc84aa606_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4c4f3e098f715efc174a4a01803b7133ca7c2b744ea4b8151c7edcae608d9531_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:b3fe3f4c74e96a2daf735fe5e8df98b2fa6f023cfda0c7cd4915a83556e14efb_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4636"
},
{
"category": "external",
"summary": "RHBZ#2450251",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450251"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4636",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4636"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4636",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4636"
}
],
"release_date": "2026-04-02T12:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-02T13:55:29+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.",
"product_ids": [
"9Base-RHBK-26.2:rhbk/keycloak-operator-bundle@sha256:d80f27078e17321d4b194820a9c325c47b8cc3e431ac37c84a6c5b2b52b009e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:1880e406eab1303dd1faa08694ff2cb33901e1e69272a2f9cdf5f5af6941bd84_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:31378e237970d0c5c483ec2dd3de6a39adfb7cdfe13c5d106be39088859271e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:47fa46896eda2f3c51657f6bc9a024d63f3d306f4726ead3fa46ef5796696e07_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:6c0c1d05bb893e1d598ffc5e953f1287d36e78f6b1938c430e0bc19e22343ae4_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:10b97dd8e38ce50457a121e53d53472877cc3aa185e7c4b23da191c00e914af2_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4065d584a57daa2aa2259afa19844f6308e2f6a252b08738c809002cc84aa606_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4c4f3e098f715efc174a4a01803b7133ca7c2b744ea4b8151c7edcae608d9531_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:b3fe3f4c74e96a2daf735fe5e8df98b2fa6f023cfda0c7cd4915a83556e14efb_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6476"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"9Base-RHBK-26.2:rhbk/keycloak-operator-bundle@sha256:d80f27078e17321d4b194820a9c325c47b8cc3e431ac37c84a6c5b2b52b009e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:1880e406eab1303dd1faa08694ff2cb33901e1e69272a2f9cdf5f5af6941bd84_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:31378e237970d0c5c483ec2dd3de6a39adfb7cdfe13c5d106be39088859271e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:47fa46896eda2f3c51657f6bc9a024d63f3d306f4726ead3fa46ef5796696e07_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:6c0c1d05bb893e1d598ffc5e953f1287d36e78f6b1938c430e0bc19e22343ae4_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:10b97dd8e38ce50457a121e53d53472877cc3aa185e7c4b23da191c00e914af2_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4065d584a57daa2aa2259afa19844f6308e2f6a252b08738c809002cc84aa606_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4c4f3e098f715efc174a4a01803b7133ca7c2b744ea4b8151c7edcae608d9531_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:b3fe3f4c74e96a2daf735fe5e8df98b2fa6f023cfda0c7cd4915a83556e14efb_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHBK-26.2:rhbk/keycloak-operator-bundle@sha256:d80f27078e17321d4b194820a9c325c47b8cc3e431ac37c84a6c5b2b52b009e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:1880e406eab1303dd1faa08694ff2cb33901e1e69272a2f9cdf5f5af6941bd84_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:31378e237970d0c5c483ec2dd3de6a39adfb7cdfe13c5d106be39088859271e6_amd64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:47fa46896eda2f3c51657f6bc9a024d63f3d306f4726ead3fa46ef5796696e07_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9-operator@sha256:6c0c1d05bb893e1d598ffc5e953f1287d36e78f6b1938c430e0bc19e22343ae4_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:10b97dd8e38ce50457a121e53d53472877cc3aa185e7c4b23da191c00e914af2_arm64",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4065d584a57daa2aa2259afa19844f6308e2f6a252b08738c809002cc84aa606_s390x",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:4c4f3e098f715efc174a4a01803b7133ca7c2b744ea4b8151c7edcae608d9531_ppc64le",
"9Base-RHBK-26.2:rhbk/keycloak-rhel9@sha256:b3fe3f4c74e96a2daf735fe5e8df98b2fa6f023cfda0c7cd4915a83556e14efb_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak: Keycloak: UMA policy bypass allows authenticated users to gain unauthorized access to victim-owned resources."
}
]
}