CVEFinder.io

CVE-2026-0871

🔶 medium
🔍 Scan for this CVE
Summary

A flaw was found in Keycloak. An administrator with `manage-users` permission can bypass the "Only administrators can view" setting for unmanaged attributes, allowing them to modify these attributes. This improper access control can lead to unauthorized changes to user profiles, even when the system is configured to restrict such modifications.

CVSS Score
4.9
Medium
EPSS Score
0.0
Exploit Probability
Published Date
2026-02-27
First Seen: 2026-02-28
📊 Relative Risk Intelligence

This CVE is Lower Risk - more severe than 14.9% of all 318,071 vulnerabilities in our database.

#270,780
Below average severity
Severity Percentile
🎯 CISA SSVC Assessment Updated: Feb 27, 2026
🔍 Exploitation Status
None
No known exploits
⚙️ Automatable
NO
Requires human interaction
💥 Technical Impact
Partial
Limited system impact
SSVC data provided by CISA
Last Modified 2026-03-05
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
CWE IDs (Weakness Types)
CWE-266

📦 Affected Products 3

Vendor Product Status Affected Versions
redhat keycloak Affected
< 26.4.0
redhat build_of_keycloak Affected
< 26.4.9
redhat build_of_keycloak Affected
v-

🔗 References 4

https://access.redhat.com/errata/RHSA-2026:2365
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:2366
Vendor Advisory
https://access.redhat.com/security/cve/CVE-2026-0871
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2428881
Issue Tracking Vendor Advisory

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2026-37977 ℹ️ low 3.7 0.0 A flaw was found in Keycloak. A remote attacker can exploit a Cross-Origin Resource Sharing (CORS) header injection vuln... 2026-04-06
CVE-2026-3121 🔶 medium 6.5 0.0 A flaw was found in Keycloak. An administrator with `manage-clients` permission can exploit a misconfiguration where thi... 2026-03-26
CVE-2026-3190 🔶 medium 4.3 0.0 A flaw was found in Keycloak. The User-Managed Access (UMA) 2.0 Protection API endpoint for permission tickets fails to ... 2026-03-26
CVE-2026-3047 ⚠️ high 8.8 0.3 A flaw was found in org.keycloak.broker.saml. When a disabled Security Assertion Markup Language (SAML) client is config... 2026-03-05
CVE-2026-3009 ⚠️ high 8.1 0.0 A security flaw in the IdentityBrokerService.performLogin endpoint of Keycloak allows authentication to proceed using an... 2026-03-05
CVE-2025-12150 ℹ️ low 3.1 0.0 A flaw was found in Keycloak’s WebAuthn registration component. This vulnerability allows an attacker to bypass the co... 2026-02-27
These CVEs affect the same products