Red Hat Security Advisory: Red Hat build of Keycloak 26.0.10 Update
Red Hat build of Keycloak 26.0.10 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. Security fixes: * Authentication Bypass Due to Missing LDAP Bind After Password Reset in Keycloak (CVE-2025-0604) * Improper Authorization in Keycloak Organization Mapper Allows Unauthorized Organization Claims (CVE-2025-1391)
AI Analysis
Technical Summary
The Red Hat build of Keycloak 26.0.10 update addresses multiple security vulnerabilities. Notably, CVE-2025-0604 involves an authentication bypass caused by a missing LDAP bind operation after a password reset, potentially allowing unauthorized access. CVE-2025-1391 concerns improper authorization in the organization mapper component, which could permit unauthorized users to obtain organization claims. These vulnerabilities impact the authentication and authorization mechanisms of Keycloak, a widely used identity and access management server. Red Hat has issued this advisory (RHSA-2025:2545) to provide fixes for these issues in their Keycloak build. No CVSS score is provided, but the advisory classifies the severity as moderate.
Potential Impact
Successful exploitation of CVE-2025-0604 could allow an attacker to bypass authentication controls after a password reset due to missing LDAP bind verification. CVE-2025-1391 could enable unauthorized users to gain organization claims improperly, potentially leading to privilege escalation or unauthorized access to resources. These vulnerabilities undermine the integrity of authentication and authorization processes in Keycloak, affecting the security of applications relying on it for single sign-on.
Mitigation Recommendations
Red Hat has released updated packages for the Red Hat build of Keycloak version 26.0.10 that address these vulnerabilities. Users should back up their existing installations, including applications, configuration files, and databases, before applying the update. Applying the official update from Red Hat is the recommended remediation. Patch status is confirmed by the vendor advisory. No additional mitigations are specified.
Red Hat Security Advisory: Red Hat build of Keycloak 26.0.10 Update
Description
Red Hat build of Keycloak 26.0.10 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. Security fixes: * Authentication Bypass Due to Missing LDAP Bind After Password Reset in Keycloak (CVE-2025-0604) * Improper Authorization in Keycloak Organization Mapper Allows Unauthorized Organization Claims (CVE-2025-1391)
Affected software
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The Red Hat build of Keycloak 26.0.10 update addresses multiple security vulnerabilities. Notably, CVE-2025-0604 involves an authentication bypass caused by a missing LDAP bind operation after a password reset, potentially allowing unauthorized access. CVE-2025-1391 concerns improper authorization in the organization mapper component, which could permit unauthorized users to obtain organization claims. These vulnerabilities impact the authentication and authorization mechanisms of Keycloak, a widely used identity and access management server. Red Hat has issued this advisory (RHSA-2025:2545) to provide fixes for these issues in their Keycloak build. No CVSS score is provided, but the advisory classifies the severity as moderate.
Potential Impact
Successful exploitation of CVE-2025-0604 could allow an attacker to bypass authentication controls after a password reset due to missing LDAP bind verification. CVE-2025-1391 could enable unauthorized users to gain organization claims improperly, potentially leading to privilege escalation or unauthorized access to resources. These vulnerabilities undermine the integrity of authentication and authorization processes in Keycloak, affecting the security of applications relying on it for single sign-on.
Mitigation Recommendations
Red Hat has released updated packages for the Red Hat build of Keycloak version 26.0.10 that address these vulnerabilities. Users should back up their existing installations, including applications, configuration files, and databases, before applying the update. Applying the official update from Red Hat is the recommended remediation. Patch status is confirmed by the vendor advisory. No additional mitigations are specified.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2025:2545
- Cve Count
- 3
- Additional Cves
- ["CVE-2025-0604","CVE-2025-1391"]
- Cvss Version
- null
Threat ID: 6a3c0cf1eed863c81e239300
Added to database: 06/24/2026, 16:59:29 UTC
Last enriched: 06/24/2026, 17:06:33 UTC
Last updated: 06/27/2026, 20:51:16 UTC
Views: 14
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.