CNNVD-202602-1311 Information

CNNVD ID

CNNVD-202602-1311

Related CVE

CVE-2025-14778

• CNNVD Published: 2026-02-09

Description (Chinese)

Keycloak是Keycloak开源的一种开源身份和访问管理解决方案。 Keycloak存在安全漏洞，该漏洞源于UserManagedPermissionService存在访问控制缺陷，可能导致水平权限提升。

Description (English)

Keycloak is an open-source identity and access management solution for Keycloak. There is a security loophole in Keycloak, which stems from access control deficiencies in UserManaged Mission Service, which may lead to a higher level of access.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Keycloak

Published

2026-02-09

Last Modified

2026-02-24

References

https://access.redhat.com/errata/RHSA-2026:2364 https://access.redhat.com/security/cve/CVE-2025-14778 https://bugzilla.redhat.com/show_bug.cgi?id=2422600 https://access.redhat.com/security/cve/cve-2025-14778