Red hat single sign-on 7

This hub aggregates every CVE we track for Red hat single sign-on 7, a product in the security products space. Use it to gauge the current risk picture and drill into individual advisories.

Security Productson-premsecurity product

CVEs tracked

Critical

High

In CISA KEV

Severity distribution

MEDIUM33HIGH29LOW10CRITICAL1

Monthly trend

2024-072026-06

Latest CVEs

See all →

The 15 most recently published vulnerabilities affecting Red hat single sign-on 7.

CVE-2026-11577Keycloak: keycloak: privilege escalation via partialimport fgap permission bypass7.2Jun 8, 2026
CVE-2026-28369Undertow: undertow: request smuggling via malformed http request headers8.7Mar 27, 2026
CVE-2026-28367Undertow: undertow: request smuggling via `\r\r\r` as a header block terminator8.7Mar 27, 2026
CVE-2026-28368Undertow: undertow: request smuggling via inconsistent header parsing8.7Mar 27, 2026
CVE-2026-3121Keycloak: org.keycloak/keycloak-services: keycloak: privilege escalation via manage-clients permission6.5Mar 26, 2026
CVE-2026-4874Org.keycloak.protocol.oidc.grants: org.keycloak.services.managers: keycloak: server-side request forgery via oidc token endpoint manipulation3.1Mar 26, 2026
CVE-2026-3260Undertow: undertow: denial of service due to premature multipart/form-data parsing in get requests5.9Mar 24, 2026
CVE-2026-4628Keycloak: org.keycloak.authorization: keycloak: unauthorized resource modification due to improper access control4.3Mar 23, 2026
CVE-2026-4366Keycloak-services: blind server-side request forgery (ssrf) via http redirect handling in keycloak5.8Mar 18, 2026
CVE-2026-3429Org.keycloak.services.resources.account: improper access control leading to mfa deletion and account takeover in keycloak account rest api4.2Mar 11, 2026
CVE-2026-3009Org.keycloak/keycloak-services: improper enforcement of disabled identity provider in identitybrokerservice (authentication bypass)8.1Mar 5, 2026
CVE-2026-0871Org.keycloak/keycloak-services: keycloak: unauthorized modification of unmanaged user attributes by administrators4.9Feb 27, 2026
CVE-2026-2733Org.keycloak/keycloak-services: keycloak: missing check on disabled client for docker registry protocol3.8Feb 19, 2026
CVE-2024-4027Undertow: outofmemoryerror in httpservletrequestimpl.getparameternames() can cause remote dos attacks7.5Jan 30, 2026
CVE-2026-1190Org.keycloak/keycloak-services: keycloak saml brokering: response delay due to unchecked notonorafter in subjectconfirmationdata3.1Jan 26, 2026

Product normalization is registry-driven with AI assist and human review. How it works