CVE-2026-9799 | A flaw was found in org.keycloak.authorization. An authentic… | CVSS 4.6 MEDIUM

Description

A flaw was found in org.keycloak.authorization. An authenticated user with a granted User-Managed Access (UMA) permission ticket for one resource can exploit this by using a specific permission request prefix to bypass per-resource access control. This allows the user to gain unauthorized access to all resources of that type within the same resource server, even if they do not have a ticket for those specific resources. This vulnerability requires the resource server to be configured in PERMISSIVE policy enforcement mode and affects typed resources with ownerManagedAccess enabled, where no explicit policy protects the resource type. The primary consequence is unauthorized information disclosure or modification of resources.

Metadata

CVE ID: CVE-2026-9799
State: PUBLISHED
Assigner: redhat
Reserved: 2026-05-28 03:53 UTC
Published: 2026-06-25 16:17 UTC
Last updated: 2026-06-25 16:17 UTC
Primary CWE: CWE-639
Authorization Bypass Through User-Controlled Key
Vendor / Product: Red Hat / Red Hat Build of Keycloak
Sources: cve.org · NVD

Severity & Metrics

4.6 MEDIUM CVSS 3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

Affected products (1)

Vendor	Product	Platform	Versions
Red Hat	Red Hat Build of Keycloak	—	—

Weakness (CWE)

CWE	Source	Description
CWE-639	cna	Authorization Bypass Through User-Controlled Key

CVSS scores (1)

Score	Severity	Version	Source	Vector
4.6	MEDIUM	3.1	cna	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

References (2)