โ† Back to Dashboard

CVE-2026-11577

CVSS Score: 7.2
Severity: HIGH
Source: NVD
Published: Jun 08, 2026
Description

A flaw was found in Keycloak. A limited administrator can exploit an improper access control vulnerability in the POST /admin/realms/{realm}/partialImport endpoint. This allows them to bypass Fine-Grained Admin Permissions (FGAP) and escalate their privileges to a full realm administrator by importing users with realm-admin role mappings.
