FLAT-U63SQ (CVE-2026-7571)
Lack of data validation In org.keycloak:keycloak-services
4.0
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-RQW9G (CVE-2026-7507)
Spoofing In org.keycloak:keycloak-services
7.5
High
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-T68BB (CVE-2026-7504)
Uncontrolled external site redirect In org.keycloak:keycloak-services
5.8
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-G1HWW (CVE-2026-37982)
Security controls bypass or absence In org.keycloak:keycloak-services
8.1
High
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-W91N1 (CVE-2026-37978)
Improper authorization control for web services In org.keycloak:keycloak-services
5.7
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-GKDF5 (CVE-2026-37979)
Improper authorization control for web services In org.keycloak:keycloak-services
3.8
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-5TRHT (CVE-2026-8922)
Security controls bypass or absence In org.keycloak:keycloak-services
0.6
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-AHTYW (CVE-2026-8830)
Weak credential policy In org.keycloak:keycloak-services
1.3
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-MY5E2 (CVE-2026-7500)
Server-side request forgery (SSRF) In org.keycloak:keycloak-services
0.6
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-B7ZC1 (CVE-2026-37980)
Server side cross-site scripting In org.keycloak:keycloak-services
5.6
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-FZM59 (CVE-2026-37977)
Lack of data validation In org.keycloak:keycloak-services
0.6
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-IWX7S (CVE-2026-4636)
Authentication mechanism absence or evasion In org.keycloak:keycloak-services
7.5
High
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-0LUQ2 (CVE-2026-4634)
Insecure functionality In org.keycloak:keycloak-services
7.7
High
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-1KYYL (CVE-2026-4282)
Lack of isolation methods In org.keycloak:keycloak-services
9.0
Critical
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-XDJOD (CVE-2026-4325)
Lack of isolation methods In org.keycloak:keycloak-services
8.9
High
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-G185A (CVE-2026-3872)
Server-side request forgery (SSRF) In org.keycloak:keycloak-services
5.6
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-O8YN8 (CVE-2026-3121)
Privilege escalation In org.keycloak:keycloak-services
5.7
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-R6TO6 (CVE-2026-4874)
Server-side request forgery (SSRF) In org.keycloak:keycloak-services
0.6
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-7E9M5 (CVE-2026-4633)
Technical information leak In org.keycloak:keycloak-services
1.7
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-17H6N (CVE-2026-4628)
Improper authorization control for web services In org.keycloak:keycloak-services
1.3
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-B791J (CVE-2026-2575)
Excessive privileges In org.keycloak:keycloak-services
7.7
High
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-415DO (CVE-2026-3429)
Improper authorization control for web services In org.keycloak:keycloak-services
5.9
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-SA8Q9 (CVE-2026-3911)
Business information leak In org.keycloak:keycloak-services
1.3
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-53ST1 (CVE-2026-3009)
Improper authorization control for web services In org.keycloak:keycloak-services
8.9
High
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-WYOID (CVE-2025-12150)
Insufficient data authenticity validation In org.keycloak:keycloak-services
1.7
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-V5WVJ (CVE-2026-2733)
Improper authorization control for web services In org.keycloak:keycloak-services
1.3
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-WJ30V (CVE-2026-1529)
Lack of data validation In org.keycloak:keycloak-services
8.9
High
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-SD3Y8 (CVE-2026-1486)
Insecure deserialization In org.keycloak:keycloak-services
8.1
High
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-8WQOB (CVE-2025-14778)
Privilege escalation In org.keycloak:keycloak-services
5.8
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-463ZE (CVE-2025-13881)
Privilege escalation In org.keycloak:keycloak-services
1.2
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-0WO4S (CVE-2026-1190)
Concurrent sessions In org.keycloak:keycloak-services
1.7
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-I0U37 (CVE-2025-14083)
Improper authorization control for web services In org.keycloak:keycloak-services
1.2
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-U0GIX (CVE-2025-14559)
Authentication mechanism absence or evasion In org.keycloak:keycloak-services
5.7
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-UIVWG (CVE-2026-1035)
Race condition In org.keycloak:keycloak-services
0.6
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-IS9AI (CVE-2025-14082)
Improper authorization control for web services In org.keycloak:keycloak-services
0.5
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-IALR6 (CVE-2025-12390)
Session Fixation In org.keycloak:keycloak-services
1.7
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-9GNM3 (CVE-2025-11429)
Session Fixation In org.keycloak:keycloak-services
0.6
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-IC767 (CVE-2025-12110)
Insecure session management In org.keycloak:keycloak-services
0.6
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-FYPHA (CVE-2025-8419)
Lack of data validation In org.keycloak:keycloak-services
2.7
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-A0IFY (GHSA-qj5r-2r5p-phc7)
Lack of data validation In org.keycloak:keycloak-services
0.0
None
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-2PSXB (CVE-2025-7784)
Excessive privileges In org.keycloak:keycloak-services
6.0
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-55T3K (CVE-2025-7365)
Lack of data validation In org.keycloak:keycloak-services
2.1
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-7I0RO (GHSA-83j7-mhw9-388w)
Excessive privileges In org.keycloak:keycloak-services
0.0
None
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-910R1 (GHSA-gj52-35xm-gxjh)
Lack of data validation In org.keycloak:keycloak-services
0.0
None
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-49TQI (CVE-2025-3910)
Authentication mechanism absence or evasion In org.keycloak:keycloak-services
1.3
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-RZBWV (CVE-2025-3501)
Insecure digital certificates In org.keycloak:keycloak-services
6.7
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-1EHK7 (GHSA-fx44-2wx5-5fvp)
Authentication mechanism absence or evasion In org.keycloak:keycloak-services
0.0
None
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-CAHXA (GHSA-r934-w73g-v4p8)
Insecure digital certificates In org.keycloak:keycloak-services
0.0
None
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-4OD6D (CVE-2025-2559)
Asymmetric denial of service In org.keycloak:keycloak-services
4.6
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-CY1SP (CVE-2025-1391)
Improper authorization control for web services In org.keycloak:keycloak-services
0.6
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-TOGJY (GHSA-rq4w-cjrr-h8w8)
Improper authorization control for web services In org.keycloak:keycloak-services
0.0
None
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-3EWHM (CVE-2024-10270)
Asymmetric denial of service - ReDoS In org.keycloak:keycloak-services
4.9
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-5YWH8 (GHSA-j3x3-r585-4qhg)
Asymmetric denial of service - ReDoS In org.keycloak:keycloak-services
0.0
None
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-DW7TP (CVE-2024-7341)
Session Fixation In org.keycloak:keycloak-services
4.8
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-VNY23 (CVE-2024-8883)
Uncontrolled external site redirect In org.keycloak:keycloak-services
1.2
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-LQOD8 (GHSA-vvf8-2h68-9475)
Uncontrolled external site redirect In org.keycloak:keycloak-services
0.0
None
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-XQ1UL (CVE-2024-4629)
Lack of protection against brute force attacks In org.keycloak:keycloak-services
2.7
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-UPDCD (GHSA-j76j-rqwj-jmvv)
Session Fixation In org.keycloak:keycloak-services
0.0
None
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-RQ5ZK (GHSA-8wm9-24qg-m5qj)
Non-encrypted confidential information In org.keycloak:keycloak-services
0.0
None
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-5NNWD (CVE-2024-1722)
Account lockout In org.keycloak:keycloak-services
1.7
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-6J4HV (CVE-2021-3754)
Insecure service configuration In org.keycloak:keycloak-services
1.7
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-T2AY5 (CVE-2024-3656)
Improper authorization control for web services In org.keycloak:keycloak-services
6.2
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-14AY2 (CVE-2024-4540)
Business information leak In org.keycloak:keycloak-services
6.6
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-CLTU6 (GHSA-4vrx-8phj-x3mg)
Sensitive information sent insecurely In org.keycloak:keycloak-services
0.0
None
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-BZ572 (CVE-2023-0657)
Improper authorization control for web services In org.keycloak:keycloak-services
0.6
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-ESJWG (CVE-2023-6787)
Session Fixation In org.keycloak:keycloak-services
4.9
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-VFJZL (CVE-2024-1132)
Lack of data validation - Path Traversal In org.keycloak:keycloak-services
6.2
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-FCBYH (CVE-2024-1249)
Lack of data validation In org.keycloak:keycloak-services
4.9
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-Z9DST (CVE-2023-6484)
Log injection In org.keycloak:keycloak-services
2.7
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-3PNA2 (CVE-2023-6544)
Lack of data validation In org.keycloak:keycloak-services
1.3
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-VWCE6 (CVE-2023-6717)
Reflected cross-site scripting (XSS) In org.keycloak:keycloak-services
4.2
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-5LK97 (CVE-2023-3597)
Authentication mechanism absence or evasion In org.keycloak:keycloak-services
0.6
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-0200N (CVE-2024-2419)
Server-side request forgery (SSRF) In org.keycloak:keycloak-services
1.3
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-I9ZPT (CVE-2023-6134)
Lack of data validation In org.keycloak:keycloak-services
1.2
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-VDLDA (GHSA-5968-qw33-h47j)
Lack of data validation In org.keycloak:keycloak-services
0.0
None
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-TVBKX (CVE-2022-2232)
LDAP injection In org.keycloak:keycloak-services
1.7
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-K3BPA (CVE-2023-2422)
Insecure digital certificates In org.keycloak:keycloak-services
5.0
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-BPGBQ (CVE-2022-4361)
Server side cross-site scripting In org.keycloak:keycloak-services
9.1
Critical
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-99J38 (CVE-2023-2585)
Insecure deserialization In org.keycloak:keycloak-services
0.2
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-COF29 (CVE-2023-0264)
Improper authorization control for web services In org.keycloak:keycloak-services
7.3
High
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-9D7Q8 (CVE-2022-3782)
Lack of data validation - Path Traversal In org.keycloak:keycloak-services
4.9
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-G0GCV (CVE-2014-3652)
Uncontrolled external site redirect In org.keycloak:keycloak-services
1.3
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-M55OP (CVE-2014-3655)
Cross-site request forgery In org.keycloak:keycloak-services
0.6
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-VH2LL (CVE-2014-3709)
Cross-site request forgery In org.keycloak:keycloak-services
6.3
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-2VKR8 (GHSA-mwm4-5qwr-g9pf)
Improper authorization control for web services In org.keycloak:keycloak-services
4.7
Medium
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-W5BZ0 (CVE-2020-10776)
Reflected cross-site scripting (XSS) In org.keycloak:keycloak-services
1.1
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services
FLAT-LG9PZ (CVE-2020-1727)
Lack of data validation In org.keycloak:keycloak-services
1.3
Low
Ecosystem: Maven
Package: org.keycloak:keycloak-services