New: Corgea AI Pentesting — autonomous penetration testing in hours, not weeks
MEDIUM 6.5 Maven

Keycloak Vulnerable to Improper Handling of Insufficient Permissions or Privilege

GHSA-33j3-g875-37rp · CVE-2026-9792

Published · Modified

Description

A flaw was found in Keycloak's Client Policies, specifically within the org.keycloak.protocol.oidc component. When certain condition providers (client-type, client-roles, client-attributes, client-scopes) are used to enforce security restrictions, the reject-ropc-grant executor is silently bypassed. This allows an unauthenticated remote attacker to obtain tokens via a Resource Owner Password Credentials (ROPC) grant, even when a policy is explicitly configured to block it. This bypass can lead to unauthorized access and information disclosure.

Ready to move

Start Securing

Free, no credit card | First findings in minutes