EPSS: 0.5% (top 63%)

Red Hat Security Advisory: Red Hat build of Keycloak 26.2.9 Images Security Update

Severity: Medium
Published: 09/22/2025 (09/22/2025, 15:35:49 UTC)
Source: GCVE Database
Vendor/Project: Red Hat Product Security
Product: Red Hat

Description

This security advisory addresses vulnerabilities in the Red Hat build of Keycloak 26.2.9 container images used within the OpenShift Container Platform. The update fixes three issues: variable injection into environment variables (CVE-2025-9162), an incomplete fix of a prior vulnerability (CVE-2025-10043), and error_description injection on error pages (CVE-2025-10044). All three are injection flaws affecting Keycloak's authentication and error-handling components. The advisory provides new container images aligned with the standalone Keycloak 26.2.9 release for on-premise or private cloud deployments.

AI-Powered Analysis (machine-generated threat intelligence)

Last updated: 06/28/2026, 22:29:06 UTC

Technical Analysis

Red Hat has released updated container images for the Red Hat build of Keycloak 26.2.9 and its Operator for OpenShift to address three security vulnerabilities. CVE-2025-9162 covers variable injection into environment variables, which could allow unintended manipulation of the server's environment. CVE-2025-10043 tracks an incomplete fix of an earlier vulnerability (CVE-2024-10492), meaning deployments patched for the earlier issue still carried residual risk. CVE-2025-10044 covers injection of error_description content into error pages, which is the classic precondition for cross-site scripting when that text is rendered into HTML without escaping. These issues affect the authentication server functionality that Keycloak provides within OpenShift Container Platform. The advisory recommends updating to the new images to mitigate these vulnerabilities.
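The error_description injection class described above, as an added generic illustration (not Keycloak's code, not Red Hat's fix, and not a claim about how CVE-2025-10044 is triggered): a renderer that reflects the OAuth/OIDC error_description parameter straight into an HTML error page, beside a hardened renderer that escapes and bounds it. The host, realm and URL are constructed for the example.

```python
"""
Generic illustration of the "error_description injection on error pages"
bug class: an HTML error page that reflects the OAuth/OIDC error_description
parameter verbatim, beside a hardened renderer that escapes and bounds it.
Added example code, not Keycloak's code or Red Hat's fix.
"""
from html import escape
from urllib.parse import parse_qs, urlsplit

# Error codes defined by RFC 6749 section 4.1.2.1 for the authorization endpoint.
KNOWN_ERRORS = {
    "invalid_request", "unauthorized_client", "access_denied",
    "unsupported_response_type", "invalid_scope", "server_error",
    "temporarily_unavailable",
}

# Constructed sample input (hypothetical host and realm, not a real request):
# an error redirect whose error_description carries a script payload.
SAMPLE_URL = (
    "https://sso.example.test/realms/demo/error"
    "?error=invalid_request"
    "&error_description=%3Cscript%3Ealert(document.cookie)%3C%2Fscript%3E"
)


def error_params(url: str) -> tuple[str, str]:
    """Return (error, error_description) from the URL query, percent-decoded."""
    qs = parse_qs(urlsplit(url).query)
    return qs.get("error", [""])[0], qs.get("error_description", [""])[0]


def render_vulnerable(error: str, description: str) -> str:
    """Reflects both parameters unescaped, so any markup in them is live HTML."""
    return f"<h1>Error: {error}</h1><p>{description}</p>"


def render_hardened(error: str, description: str, max_len: int = 200) -> str:
    """
    Hardened renderer:
    - the error code is checked against the RFC 6749 allowlist; unknown codes
      collapse to a generic label so arbitrary attacker text never reaches
      the page through that field;
    - error_description is truncated and HTML-escaped (quotes included),
      so tags and attribute break-outs become inert text.
    """
    code = error if error in KNOWN_ERRORS else "unknown_error"
    safe_desc = escape(description[:max_len], quote=True)
    return f"<h1>Error: {code}</h1><p>{safe_desc}</p>"


def has_script_tag(page: str) -> bool:
    """Deliberately naive check for the demo: does an unescaped <script survive?"""
    return "<script" in page.lower()


if __name__ == "__main__":
    err, desc = error_params(SAMPLE_URL)
    print("vulnerable:", render_vulnerable(err, desc))
    print("hardened:  ", render_hardened(err, desc))
```

The allowlist on the error code and the escape on the free-text description are independent controls; the second is the one that matters for this bug class, because error_description is defined by the spec as human-readable text and will always be attacker-influenceable on a redirect.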

Potential Impact

The vulnerabilities allow injection attacks that could tamper with environment variables or place attacker-controlled content into error pages, with knock-on effects on authentication flows and user session management. Outcomes range from manipulation of authentication behavior to exposure of sensitive information through error messages. Because CVE-2025-10043 is an incomplete fix of an earlier issue, installations that applied the earlier fix remained partly exposed until this update. No exploitation in the wild had been reported at the time of publication.

Mitigation Recommendations

Red Hat has released updated container images for Keycloak 26.2.9 and its Operator that address these vulnerabilities. Before applying the update, back up the existing installation, including applications, configurations, and databases. Deploying the updated images is the recommended remediation; after rollout, confirm that the running pods actually reference the rebuilt images rather than a previously pulled copy of the same tag. Deployments outside OpenShift should move to the standalone Keycloak 26.2.9 release with which these images are aligned. No alternative mitigations or workarounds are specified. Patch status is confirmed by the vendor advisory (RHSA-2025:16400) indicating that new images are available.


Technical Details

GCVE Source: db.gcve.eu
CSAF Category: csaf_security_advisory
CSAF Version: 2.0
Publisher: Red Hat Product Security
Advisory ID: RHSA-2025:16400
CVE Count: 3
Additional CVEs: CVE-2025-10043, CVE-2025-10044
CVSS Version: not provided (null)

Threat ID: 6a419cb427e9c79719abc975

Added to database: 06/28/2026, 22:14:12 UTC

Last enriched: 06/28/2026, 22:29:06 UTC

Last updated: 07/01/2026, 12:51:10 UTC

Views: 2

