Find real vulnerabilities before they ship
Vulnerability Database › maven › CVE-2026-1518
A flaw was found in Keycloak’s CIBA feature where insufficient validation of client-configured backchannel notification endpoints could allow blind server-side requests to internal services.
Base Score