Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.keycloak/keycloak-parent@26.5.2
purl pkg:maven/org.keycloak/keycloak-parent@26.5.2
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 4.5
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-jkh6-bvx2-dycm
Aliases:
CVE-2026-1518
GHSA-fwhw-chw4-gh37
Keycloak Server-Side Request Forgery (SSRF) vulnerability A flaw was found in Keycloak’s CIBA feature where insufficient validation of client-configured backchannel notification endpoints could allow blind server-side requests to internal services.
26.5.3
Affected by 1 other vulnerability.
VCID-umcf-t6w5-juha
Aliases:
CVE-2019-14910
GHSA-jf86-9434-f8c2
Keycloak Authentication Error A vulnerability was found in keycloak 7.x, when keycloak is configured with LDAP user federation and StartTLS is used instead of SSL/TLS from the LDAP server (ldaps), in this case user authentication succeeds even if invalid password has entered. There are no reported fixed by versions.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-29T22:56:54.245270+00:00 GitLab Importer Affected by VCID-jkh6-bvx2-dycm https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2026-1518.yml 38.5.0
2026-04-29T20:36:07.116343+00:00 GitLab Importer Affected by VCID-umcf-t6w5-juha https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml 38.5.0
2026-04-17T00:14:15.008574+00:00 GitLab Importer Affected by VCID-jkh6-bvx2-dycm https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2026-1518.yml 38.4.0
2026-04-16T21:56:32.386543+00:00 GitLab Importer Affected by VCID-umcf-t6w5-juha https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml 38.4.0
2026-04-12T01:38:12.610434+00:00 GitLab Importer Affected by VCID-jkh6-bvx2-dycm https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2026-1518.yml 38.3.0
2026-04-11T23:11:56.227031+00:00 GitLab Importer Affected by VCID-umcf-t6w5-juha https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml 38.3.0
2026-04-03T01:47:10.446373+00:00 GitLab Importer Affected by VCID-jkh6-bvx2-dycm https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2026-1518.yml 38.1.0
2026-04-02T23:20:20.446555+00:00 GitLab Importer Affected by VCID-umcf-t6w5-juha https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml 38.1.0
2026-04-01T17:40:55.665546+00:00 GitLab Importer Affected by VCID-umcf-t6w5-juha https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2019-14910.yml 38.0.0
2026-04-01T16:07:52.272546+00:00 GHSA Importer Affected by VCID-jkh6-bvx2-dycm https://github.com/advisories/GHSA-fwhw-chw4-gh37 38.0.0
2026-04-01T12:53:45.829018+00:00 GitLab Importer Affected by VCID-jkh6-bvx2-dycm https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.keycloak/keycloak-parent/CVE-2026-1518.yml 38.0.0