CVE-2026-7504 – Red Hat build of Keycloak

CVSS 8.1 IMPORTANT

“Identity platform weaknesses can expose login flows, trust decisions, and privileged access paths.”

Red Hat released patches for four high-severity vulnerabilities affecting Red Hat build of Keycloak 26.2 and 26.4: CVE-2026-7504 (CVSS 8.1), CVE-2026-7307 (CVSS 7.5), CVE-2026-7507 (CVSS 7.5), and CVE-2026-7571 (CVSS 7.1). All four are rated High severity.

The update addresses open redirect, incorrect object model handling, authentication bypass, and web parameter tampering risks. One vulnerability could allow privilege escalation in affected Keycloak environments.

Key Details

Affected Product: Red Hat build of Keycloak
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
CWE Classification: CWE-601