Vulnerability details: VCID-x4aw-v76q-vbdc

Vulnerability ID: VCID-x4aw-v76q-vbdc
Aliases: CVE-2025-12150, GHSA-7g5x-9c4v-4w5r

Summary: Keycloak REST Services has a WebAuthn Attestation Statement Verification Bypass

A flaw was found in Keycloak's WebAuthn registration component. This vulnerability allows an attacker to bypass the configured attestation policy and register untrusted or forged authenticators via submission of an attestation object with fmt: "none", even when the realm is configured to require direct attestation. This can lead to weakened authentication integrity and unauthorized authenticator registration.

Status: Published
Exploitability: 0.5
Weighted Severity: 2.8
Risk: 1.4
Weaknesses (3)

Severity scores by source

| System | Score | Found at |
|---|---|---|
| cvssv3.1 | 3.1 | https://access.redhat.com/errata/RHSA-2025:21370 |
| generic_textual | LOW | https://access.redhat.com/errata/RHSA-2025:21370 |
| ssvc | Track | https://access.redhat.com/errata/RHSA-2025:21370 |
| cvssv3.1 | 3.1 | https://access.redhat.com/errata/RHSA-2025:21371 |
| generic_textual | LOW | https://access.redhat.com/errata/RHSA-2025:21371 |
| ssvc | Track | https://access.redhat.com/errata/RHSA-2025:21371 |
| cvssv3.1 | 3.1 | https://access.redhat.com/errata/RHSA-2025:22088 |
| generic_textual | LOW | https://access.redhat.com/errata/RHSA-2025:22088 |
| ssvc | Track | https://access.redhat.com/errata/RHSA-2025:22088 |
| cvssv3.1 | 3.1 | https://access.redhat.com/errata/RHSA-2025:22089 |
| generic_textual | LOW | https://access.redhat.com/errata/RHSA-2025:22089 |
| ssvc | Track | https://access.redhat.com/errata/RHSA-2025:22089 |
| cvssv3 | 3.1 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12150.json |
| cvssv3.1 | 3.1 | https://access.redhat.com/security/cve/CVE-2025-12150 |
| generic_textual | LOW | https://access.redhat.com/security/cve/CVE-2025-12150 |
| ssvc | Track | https://access.redhat.com/security/cve/CVE-2025-12150 |
| epss | 0.00012 | https://api.first.org/data/v1/epss?cve=CVE-2025-12150 |
| epss | 0.00014 | https://api.first.org/data/v1/epss?cve=CVE-2025-12150 |
| cvssv3.1 | 3.1 | https://bugzilla.redhat.com/show_bug.cgi?id=2406192 |
| generic_textual | LOW | https://bugzilla.redhat.com/show_bug.cgi?id=2406192 |
| ssvc | Track | https://bugzilla.redhat.com/show_bug.cgi?id=2406192 |
| cvssv3.1_qr | LOW | https://github.com/advisories/GHSA-7g5x-9c4v-4w5r |
| cvssv3.1 | 3.1 | https://github.com/keycloak/keycloak |
| generic_textual | LOW | https://github.com/keycloak/keycloak |
| cvssv3.1 | 3.1 | https://github.com/keycloak/keycloak/commit/4136a677e7e24f6685ed25567e191e1003200339 |
| generic_textual | LOW | https://github.com/keycloak/keycloak/commit/4136a677e7e24f6685ed25567e191e1003200339 |
| cvssv3.1 | 3.1 | https://github.com/keycloak/keycloak/issues/35110 |
| generic_textual | LOW | https://github.com/keycloak/keycloak/issues/35110 |
| cvssv3.1 | 3.1 | https://github.com/keycloak/keycloak/issues/43723 |
| generic_textual | LOW | https://github.com/keycloak/keycloak/issues/43723 |
| ssvc | Track | https://github.com/keycloak/keycloak/issues/43723 |
| cvssv3.1 | 3.1 | https://nvd.nist.gov/vuln/detail/CVE-2025-12150 |
| generic_textual | LOW | https://nvd.nist.gov/vuln/detail/CVE-2025-12150 |
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://access.redhat.com/errata/RHSA-2025:21370

The same CVSS 3.1 vector is reported by every source below; decoded, its metrics are:

| Metric | Value |
|---|---|
| Attack Vector (AV) | network |
| Attack Complexity (AC) | high |
| Privileges Required (PR) | none |
| User Interaction (UI) | required |
| Scope (S) | unchanged |
| Confidentiality Impact (C) | none |
| Integrity Impact (I) | low |
| Availability Impact (A) | none |

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-27T16:45:45Z/ Found at https://access.redhat.com/errata/RHSA-2025:21370
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://access.redhat.com/errata/RHSA-2025:21371
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-27T16:45:45Z/ Found at https://access.redhat.com/errata/RHSA-2025:21371
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://access.redhat.com/errata/RHSA-2025:22088
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-27T16:45:45Z/ Found at https://access.redhat.com/errata/RHSA-2025:22088
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://access.redhat.com/errata/RHSA-2025:22089
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-27T16:45:45Z/ Found at https://access.redhat.com/errata/RHSA-2025:22089
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12150.json
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://access.redhat.com/security/cve/CVE-2025-12150
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-27T16:45:45Z/ Found at https://access.redhat.com/security/cve/CVE-2025-12150
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://bugzilla.redhat.com/show_bug.cgi?id=2406192
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-27T16:45:45Z/ Found at https://bugzilla.redhat.com/show_bug.cgi?id=2406192
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://github.com/keycloak/keycloak
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://github.com/keycloak/keycloak/commit/4136a677e7e24f6685ed25567e191e1003200339
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://github.com/keycloak/keycloak/issues/35110
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://github.com/keycloak/keycloak/issues/43723
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-27T16:45:45Z/ Found at https://github.com/keycloak/keycloak/issues/43723
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2025-12150
Exploit Prediction Scoring System (EPSS)

Percentile: 0.01613
EPSS Score: 0.00012
Published At: April 11, 2026, 12:55 p.m.

Import history

| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2026-04-01T12:52:52.627485+00:00 | GithubOSV Importer | Import | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/02/GHSA-7g5x-9c4v-4w5r/GHSA-7g5x-9c4v-4w5r.json | 38.0.0 |