Package impact
Maven / org.keycloak:keycloak-services
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2014-3709 | high | 8.8 | 8.8 | 9y ago | JBoss Keycloak CSRF Vulnerability | |
| CVE-2026-2603 | high | — | 8.0 | 2mo ago | Keycloak: Unauthorized authentication via disabled SAML Identity Provider | |
| CVE-2021-3424 | high | — | 8.0 | 4y ago | Keycloak is vulnerable to IDN homograph attack | |
| CVE-2025-7365 | high | 7.1 | 7.1 | 11mo ago | Keycloak phishing attack via email verification step in first login flow | |
| CVE-2026-3911 | low | 2.7 | 2.7 | 3mo ago | Keycloak: Information disclosure of disabled user attributes via administrative endpoint |