CNNVD-202511-1526 Information

CNNVD ID

CNNVD-202511-1526

CVE-2025-11538

  • CNNVD Published: 2025-11-13

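Description (Chinese, translated)

Red Hat build of Keycloak is a web application for single sign-on from Red Hat, a US company. Red Hat build of Keycloak version 26.4 contains a security vulnerability that stems from debug mode insecurely binding the JDWP port to all network interfaces, which may lead to remote code execution.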

Description (English)

Red Hat build of Keycloak is a web application for single sign-on by Red Hat. Red Hat build of Keycloak 26.4 has a security vulnerability, which results from a debugging mode that unsafely binds the JDWP port to all network interfaces and may lead to remote code execution.

Hazard Level

High

Vulnerability Type

Other

Affected Vendor

Red Hat

Published

2025-11-13

Last Modified

2026-02-24

References

  • https://access.redhat.com/security/cve/CVE-2025-11538
  • https://bugzilla.redhat.com/show_bug.cgi?id=2402622
  • https://vigilance.fr/vulnerability/Keycloak-code-execution-via-Debug-Default-Bind-Address-48921
  • https://access.redhat.com/security/cve/cve-2025-11538
