Browse all 14 CVE security advisories affecting Keycloak. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Keycloak is an open-source identity and access management solution that provides authentication and authorization services for applications and services. Historically, it has been susceptible to several vulnerability classes, including remote code execution, cross-site scripting, and privilege escalation, with 14 CVEs currently documented. The platform's security characteristics include its OAuth 2.0 and OpenID Connect compliance, though past incidents have highlighted risks in default configurations and third-party integrations. While no major public security incidents have been widely reported, the CVE count indicates ongoing security challenges that require careful configuration and timely patching to mitigate.
CVE-2024-10270 2026-05-07
GHSA-37169 2026-05-07
CVE-2024-10270 2026-05-07
Showing up to 20 recent security advisories.
This page lists every published CVE security advisory associated with Keycloak. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.