Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:npm/%40keycloak/keycloak-admin-client@26.4.5
Typenpm
Namespace@keycloak
Namekeycloak-admin-client
Version26.4.5
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-sb4a-yk7m-4fg6
vulnerability_id VCID-sb4a-yk7m-4fg6
summary 
Keycloak vulnerable to authorization bypass via the Admin API
A flaw was found in Keycloak. An authorization bypass vulnerability in the Keycloak Admin API allows any authenticated user, even those without administrative privileges, to enumerate the organization memberships of other users. This information disclosure occurs if the attacker knows the victim's unique identifier (UUID) and the Organizations feature is enabled.
references
0
reference_url https://access.redhat.com/errata/RHSA-2026:6477
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T13:14:31Z/
url https://access.redhat.com/errata/RHSA-2026:6477
1
reference_url https://access.redhat.com/errata/RHSA-2026:6478
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T13:14:31Z/
url https://access.redhat.com/errata/RHSA-2026:6478
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2366.json
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2366.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2366
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.0198
published_at 2026-06-09T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02004
published_at 2026-06-05T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02011
published_at 2026-06-06T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02001
published_at 2026-06-07T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.01987
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2366
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2439081
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T13:14:31Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2439081
5
reference_url https://github.com/keycloak/keycloak
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak
6
reference_url https://github.com/keycloak/keycloak/issues/47062
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/issues/47062
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:26.4::el9
reference_id cpe:/a:redhat:build_keycloak:26.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:26.4::el9
8
reference_url https://access.redhat.com/security/cve/CVE-2026-2366
reference_id CVE-2026-2366
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T13:14:31Z/
url https://access.redhat.com/security/cve/CVE-2026-2366
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-2366
reference_id CVE-2026-2366
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-2366
10
reference_url https://github.com/advisories/GHSA-r8jr-wg88-fq5c
reference_id GHSA-r8jr-wg88-fq5c
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r8jr-wg88-fq5c
fixed_packages
aliases CVE-2026-2366, GHSA-r8jr-wg88-fq5c
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sb4a-yk7m-4fg6
Fixing_vulnerabilities
Risk_score1.4
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:npm/%2540keycloak/keycloak-admin-client@26.4.5