CVE-2026-9802
6.8 MEDIUM · A flaw was found in Keycloak
Published: 2026-05-28 · Last updated: 2026-06-10
Severity and scoring
- CVSS: 6.8 MEDIUM
- Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
- CWE: CWE-613
Affected products
| Vendor | Product |
|---|---|
| redhat | build_of_keycloak |
Description
A flaw was found in Keycloak. When revokeRefreshToken=true is enabled and persistent session storage is in use, a server restart can reset internal timing mechanisms. This allows a remote attacker, who has previously captured a user's refresh token, to replay that token even after it has been revoked. Successful exploitation grants the attacker unauthorized access to the victim's account, potentially leading to information disclosure or privilege escalation.
Source: NVD
References
Related CVEs
Same vendor
- CVE-2026-50259 — A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland (7.8 HIGH)
- CVE-2026-50258 — A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland (7.8 HIGH)
- CVE-2026-50257 — A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence() (7.8 HIGH)
- CVE-2026-50256 — A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland (7.8 HIGH)
- CVE-2026-1784 — The Route OpenShift resource allows to define routes to make pods reachable at a subdomain through HAProxy (8.8 HIGH)
Same CWE
- CVE-2026-46657 — Bludit is a content management system (7.1 HIGH)
- CVE-2026-46656 — Bludit is a content management system (8.8 HIGH)
- CVE-2026-46401 — HAX CMS helps manage microsite universe with PHP or NodeJs backends
- CVE-2026-48726 — A bug in Apache Airflow's auth manager logout handling left previously-issued JWT tokens valid after the user clicked logout in the UI: t... (6.5 MEDIUM)
- CVE-2026-44648 — SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generat... (7.5 HIGH)