CNNVD-202601-3279 Information

CNNVD ID

CNNVD-202601-3279

Related CVE

CVE-2026-1180

• CNNVD Published: 2026-01-20

Description (Chinese)

Keycloak是Keycloak开源的一种开源身份和访问管理解决方案。 Keycloak存在代码问题漏洞，该漏洞源于未验证jwks_uri目标，可能导致信息泄露和侦察风险。

Description (English)

Keycloak is an open-source identity and access management solution for Keycloak. Keycloak has a code loophole, which stems from the unverified jwks uri target and may lead to information leakage and detection risks.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

Keycloak

Published

2026-01-20

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/CVE-2026-1180 https://bugzilla.redhat.com/show_bug.cgi?id=2430781