CVE-2026-7500 | Keycloak Account REST API /account/v1alpha1 checkAccountApiEnabled direct request

Inserito da Angelo Barbosa | Apr 30, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in Keycloak. This vulnerability affects the function checkAccountApiEnabled of the file /account/v1alpha1 of the component Account REST API. This manipulation causes direct request.

The identification of this vulnerability is CVE-2026-7500. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2026-7500 | Keycloak Account REST API /account/v1alpha1 checkAccountApiEnabled direct request

Post correlati

CVE-2025-22403 | Google Android 15 sdp_discovery.cc sdp_snd_service_search_req use after free

CVE-2024-10070 | ESAFENET CDG 5 PolicyPushControlAction.java actionPolicyPush policyId sql injection

CVE-2024-0751 | Mozilla Firefox up to 115.6 Devtool Extension Privilege Escalation

CVE-2024-49087 | Microsoft Windows up to Server 2025 Mobile Broadband Driver information disclosure