Package impact
Maven / org.keycloak:keycloak-server-spi-private
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-2603 | high | — | 8.0 | 2mo ago | Keycloak: Unauthorized authentication via disabled SAML Identity Provider | |
| CVE-2026-3190 | unknown | — | — | 2mo ago | Keycloak: Missing Role Enforcement on UMA 2.0 Permission Ticket Endpoint Leads to Information Disclosure | |
| CVE-2026-0871 | unknown | — | — | 3mo ago | Keycloak Server Private SPI: Improper Access Control Allows Administrators to Bypass Attribute Visibility Restrictions and Modify Unmanaged User Profile Attributes | |
| CVE-2023-2585 | unknown | — | — | 3y ago | Client Spoofing within the Keycloak Device Authorisation Grant | |
| CVE-2020-10776 | unknown | — | — | 4y ago | Cross-site Scripting in keycloak |