Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2026-4633

Опубликовано: 23 мар. 2026
Источник: nvd
CVSS3: 3.7
EPSS Низкий

Описание

A flaw was found in Keycloak. A remote attacker can exploit differential error messages during the identity-first login flow when Organizations are enabled. This vulnerability allows an attacker to determine the existence of users, leading to information disclosure through user enumeration.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:redhat:build_of_keycloak:-:*:*:*:-:*:*:*

EPSS

Процентиль: 11%
0.00038
Низкий

3.7 Low

CVSS3

Дефекты

CWE-209

Связанные уязвимости

redhat логотип

CVE-2026-4633

CVSS3: 3.7
redhat
около 1 года назад

A flaw was found in Keycloak. A remote attacker can exploit differential error messages during the identity-first login flow when Organizations are enabled. This vulnerability allows an attacker to determine the existence of users, leading to information disclosure through user enumeration.

debian логотип

CVE-2026-4633

CVSS3: 3.7
debian
17 дней назад

A flaw was found in Keycloak. A remote attacker can exploit differenti ...

github логотип

GHSA-rhgq-f8x5-j2jc

CVSS3: 3.7
github
17 дней назад

Keycloak's identity-first login flow exposes user information

EPSS

Процентиль: 11%
0.00038
Низкий

3.7 Low

CVSS3

Дефекты

CWE-209