Keycloak Project (security advisories / release notes)

keycloak · HIGH · candidate

https://www.keycloak.org/security

vendor-psirtvulnslang: enfailures: 0last fetch: 2026-06-07

CNCF/Red Hat upstream IAM — reference identity platform across EU public-sector e-government SSO. Release-notes blog + GitHub GHSA carry coordinated multi-CVE advisories. Discovered via Keycloak 26.6.3 deep dive 2026-06-07 (CVE-2026-9704 token-exchange privesc). Candidate — promote to active after 3 runs with content contribution.

Cited in 3 briefs

Citation cadence

Brief appearances per ISO week (3 weeks of coverage span, total 2).

CTI Weekly Summary — 2026-W21 (May 18 – May 24, 2026)
weekly39 items
2026-W21
CTI Daily Brief — 2026-06-07
daily5 items
2026-06-07
CTI Daily Brief — 2026-05-21
daily9 items
2026-05-21