CVE-2026-9796

Keycloak: keycloak: privilege escalation via time-of-check to time-of-use (toctou) vulnerability

CVSS 6.5 MEDIUMEPSS 0.2%CWE-367

Vexday Risk Score

13Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 6.5EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

28 mai 2026Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

A flaw was found in Keycloak. An authenticated administrator with the `manage-clients` role can exploit a Time-of-check to time-of-use (TOCTOU) vulnerability in the name-based admin role checks. This allows the attacker to escalate their privileges to `realm-admin` for all users within the realm, granting them extensive control over the system. The composite role relationship persists even after the attacker's own permissions are revoked and across system reboots.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

Produtos afetados

Red Hat · Red Hat Build of Keycloak

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://access.redhat.com/security/cve/CVE-2026-9796 https://bugzilla.redhat.com/show_bug.cgi?id=2482464