Security
Headlines

Headlines Latest CVEs

Headline

GHSA-6q37-7866-h27j: Keycloak Admin REST (Representational State Transfer) API does not properly enforce permissions

A flaw was found in Keycloak Admin REST (Representational State Transfer) API. This vulnerability allows information disclosure of sensitive role metadata via insufficient authorization checks on the /admin/realms/{realm}/roles endpoint.

2 days ago

#vulnerability #git #java #intel #perl #auth #maven

Skip to content

Navigation Menu

- AI CODE CREATION
  - GitHub CopilotWrite better code with AI
  - GitHub SparkBuild and deploy intelligent apps
  - GitHub ModelsManage and compare prompts
  - MCP RegistryNewIntegrate external tools

View all features

Pricing

Provide feedback

Saved searches****Use saved searches to filter your results more quickly

Sign up

Appearance settings

GitHub Advisory Database
GitHub Reviewed
CVE-2025-14082

Keycloak Admin REST (Representational State Transfer) API does not properly enforce permissions

Low severity GitHub Reviewed Published Dec 10, 2025 to the GitHub Advisory Database • Updated Dec 10, 2025

Package

maven org.keycloak:keycloak-services (Maven)

Affected versions

<= 26.4.7

Description

Published to the GitHub Advisory Database

Dec 10, 2025

Last updated

Dec 10, 2025

EPSS score

ghsa: Latest News

GHSA-w37m-7fhw-fmv9: Next Server Actions Source Code Exposure

11 hours ago

GHSA-mwv6-3258-q52c: Next Vulnerable to Denial of Service with Server Components

11 hours ago

GHSA-2m3v-v2m8-q956: Denial of Service Vulnerability in React Server Components

11 hours ago

GHSA-925w-6v3x-g4j4: Source Code Exposure Vulnerability in React Server Components

11 hours ago

GHSA-qgc4-8p88-4w7m: Servify-express rate limit issue

15 hours ago