Vulnerability Reportkeycloak/keycloak:26.5.1

keycloak/keycloak:26.5.1-0keycloak/keycloak:26.5.1
DIGESTsha256:b80a48090594367bd8cf6fe2019466ac4ea49de4d0830fb2a43256eda37b18f5

Executive Summary

Last scanned:

Threat Score
100/100DANGEROUS
Reputation
RELIABLE

This image poses a critical security risk and must not be used in production, especially as an internet-facing service. An attacker could exploit Netty DNS and HTTP parsing vulnerabilities to poison DNS caches, smuggle requests, or trigger denial of service, while Keycloak's own token handling flaw (CVE-2026-9704) enables privilege escalation from low-privileged user to full service account access. The combined impact includes unauthorized access to sensitive data, authentication bypass, and service disruption. No compensating controls fully eliminate these risks; only updating to patched versions (Netty ≥4.1.135, Keycloak ≥26.5.2) will remediate them.

Vulnerabilities

Vulnerability Log

180 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2026-45674HIGH8.5
io.netty:netty-resolver-dns
4.1.128.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.2%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2026-47691HIGH8.5
io.netty:netty-resolver-dns
4.1.128.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2026-42581HIGH8.33
io.netty:netty-codec-http
4.1.128.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.6%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2026-42579HIGH7.73
io.netty:netty-codec-dns
4.1.128.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.9%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2026-42584HIGH7.73
io.netty:netty-codec-http
4.1.128.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.7%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2026-33871HIGH7.5
io.netty:netty-codec-http2
4.1.128.Final
fixed in 4.1.132.Final, 4.2.11.Final
1.1%
Low-Moderate Risk
Directly ExposedContext importance: HIGH
CVE-2026-9704HIGH7.48
org.keycloak:keycloak-server-spi-private
26.5.1
fixed in 26.6.3
0.3%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2026-1486HIGH7.48
org.keycloak:keycloak-services
26.5.1
fixed in 26.5.3, 26.4.9
0.4%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2026-9704HIGH7.48
org.keycloak:keycloak-services
26.5.1
fixed in 26.6.3
0.3%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2026-39852MEDIUM6.97
io.quarkus:quarkus-vertx-http
3.27.1
fixed in 3.20.6.1, 3.27.3.1, 3.33.1.1, 3.35.1.1
0.4%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2026-54512MEDIUM6.88
com.fasterxml.jackson.core:jackson-databind
2.19.2
fixed in 2.18.8, 3.1.4, 2.21.4
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-54513MEDIUM6.88
com.fasterxml.jackson.core:jackson-databind
2.19.2
fixed in 2.18.8, 2.21.4, 3.1.4
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-2603MEDIUM6.88
org.keycloak:keycloak-server-spi-private
26.5.1
fixed in 26.5.5
0.4%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2026-1529MEDIUM6.88
org.keycloak:keycloak-services
26.5.1
fixed in 26.5.3, 26.2.13, 26.4.9
0.5%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2026-2603MEDIUM6.88
org.keycloak:keycloak-services
26.5.1
fixed in 26.5.5
0.4%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2026-3009MEDIUM6.88
org.keycloak:keycloak-services
26.5.1
fixed in 26.5.5
0.3%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2026-4636MEDIUM6.88
org.keycloak:keycloak-services
26.5.1
fixed in 26.5.7
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-7504MEDIUM6.88
org.keycloak:keycloak-services
26.5.1
fixed in 26.6.2
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-9087MEDIUM6.88
org.keycloak:keycloak-services
26.5.1
fixed in 26.6.3
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-22801MEDIUM6.63
java-21-openjdk-headless
1:21.0.9.0.10-2.el9
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-2092MEDIUM6.54
org.keycloak:keycloak-services
26.5.1
fixed in 26.5.5
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-33636MEDIUM6.46
java-21-openjdk-headless
1:21.0.9.0.10-2.el9
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-21945MEDIUM6.38
java-21-openjdk-headless
1:21.0.9.0.10-2.el9
fixed in 1:21.0.10.0.7-1.el9
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-22016MEDIUM6.38
java-21-openjdk-headless
1:21.0.9.0.10-2.el9
fixed in 1:21.0.11.0.10-2.el9
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-34282MEDIUM6.38
java-21-openjdk-headless
1:21.0.9.0.10-2.el9
fixed in 1:21.0.11.0.10-2.el9
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-41254MEDIUM6.38
java-21-openjdk-headless
1:21.0.9.0.10-2.el9
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2022-41409MEDIUM6.38
pcre2
10.40-6.el9
No fix yet
1.0%
Theoretical Threat
Directly Exposed
CVE-2022-41409MEDIUM6.38
pcre2-syntax
10.40-6.el9
No fix yet
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-42583MEDIUM6.38
io.netty:netty-codec
4.1.128.Final
fixed in 4.1.133.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-44893MEDIUM6.38
io.netty:netty-codec-haproxy
4.1.128.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-48059MEDIUM6.38
io.netty:netty-codec-haproxy
4.1.128.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-33870MEDIUM6.38
io.netty:netty-codec-http
4.1.128.Final
fixed in 4.1.132.Final, 4.2.10.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42587MEDIUM6.38
io.netty:netty-codec-http
4.1.128.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-42585MEDIUM6.38
io.netty:netty-codec-http
4.1.128.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42587MEDIUM6.38
io.netty:netty-codec-http2
4.1.128.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-48043MEDIUM6.38
io.netty:netty-codec-http2
4.1.128.Final
fixed in 4.1.135.Final, 4.2.15.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-45416MEDIUM6.38
io.netty:netty-handler
4.1.128.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-50010MEDIUM6.38
io.netty:netty-handler
4.1.128.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42578MEDIUM6.38
io.netty:netty-handler-proxy
4.1.128.Final
fixed in 4.1.133.Final, 4.2.13.Final
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-45292MEDIUM6.38
io.opentelemetry:opentelemetry-api
1.44.1
fixed in 1.62.0
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-66560MEDIUM6.38
io.quarkus:quarkus-rest
3.27.1
fixed in 3.20.5, 3.27.2, 3.31.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-5588MEDIUM6.38
org.bouncycastle:bcpkix-jdk18on
1.82
fixed in 1.84
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-14813MEDIUM6.38
org.bouncycastle:bcprov-jdk18on
1.82
fixed in 1.80.2, 1.81.1, 1.84
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-5598MEDIUM6.38
org.bouncycastle:bcprov-jdk18on
1.82
fixed in 1.84
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-7307MEDIUM6.38
org.keycloak:keycloak-saml-core
26.5.1
fixed in 26.6.2
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-4634MEDIUM6.38
org.keycloak:keycloak-services
26.5.1
fixed in 26.5.7
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-7507MEDIUM6.38
org.keycloak:keycloak-services
26.5.1
fixed in 26.6.2
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-9793MEDIUM6.38
org.keycloak:keycloak-services
26.5.1
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-42198MEDIUM6.38
org.postgresql:postgresql
42.7.7
fixed in 42.7.11
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-4282MEDIUM6.29
org.keycloak:keycloak-services
26.5.1
fixed in 26.5.7
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-3872MEDIUM6.21
org.keycloak:keycloak-services
26.5.1
fixed in 26.5.7
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-9795MEDIUM6.21
org.keycloak:keycloak-services
26.5.1
fixed in 26.6.4
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-3121MEDIUM6.12
org.keycloak:keycloak-services
26.5.1
fixed in 26.5.6
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-64720MEDIUM6.03
java-21-openjdk-headless
1:21.0.9.0.10-2.el9
fixed in 1:21.0.10.0.7-1.el9
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-65018MEDIUM6.03
java-21-openjdk-headless
1:21.0.9.0.10-2.el9
fixed in 1:21.0.10.0.7-1.el9
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-66293MEDIUM6.03
java-21-openjdk-headless
1:21.0.9.0.10-2.el9
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-22695MEDIUM6.03
java-21-openjdk-headless
1:21.0.9.0.10-2.el9
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-54369MEDIUM6.03
libacl
2.3.1-4.el9
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-7571MEDIUM6.03
org.keycloak:keycloak-services
26.5.1
fixed in 26.6.2
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-33416MEDIUM6
java-21-openjdk-headless
1:21.0.9.0.10-2.el9
No fix yet
1.1%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2026-4878MEDIUM5.95
libcap
2.48-10.el9
fixed in 2.48-10.el9_8.1
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-13151MEDIUM5.9
libtasn1
4.16.0-9.el9
fixed in 4.16.0-10.el9_8
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2026-45673MEDIUM5.78
io.netty:netty-resolver-dns
4.1.128.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-37982MEDIUM5.78
org.keycloak:keycloak-services
26.5.1
fixed in 26.6.2
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-4630MEDIUM5.78
org.keycloak:keycloak-services
26.5.1
fixed in 26.6.2
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-9802MEDIUM5.78
org.keycloak:keycloak-services
26.5.1
fixed in 26.6.3
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-4437MEDIUM5.52
glibc
2.34-231.el9_7.2
fixed in 2.34-270.el9_8
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-6238MEDIUM5.52
glibc
2.34-231.el9_7.2
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-4437MEDIUM5.52
glibc-common
2.34-231.el9_7.2
fixed in 2.34-270.el9_8
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-6238MEDIUM5.52
glibc-common
2.34-231.el9_7.2
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-4437MEDIUM5.52
glibc-langpack-en
2.34-231.el9_7.2
fixed in 2.34-270.el9_8
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-6238MEDIUM5.52
glibc-langpack-en
2.34-231.el9_7.2
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-7531MEDIUM5.52
nspr
4.36.0-4.el9_4
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-7531MEDIUM5.52
nss
3.112.0-4.el9_4
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-7531MEDIUM5.52
nss-softokn
3.112.0-4.el9_4
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-7531MEDIUM5.52
nss-softokn-freebl
3.112.0-4.el9_4
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-7531MEDIUM5.52
nss-sysinit
3.112.0-4.el9_4
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-7531MEDIUM5.52
nss-util
3.112.0-4.el9_4
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-67735MEDIUM5.52
io.netty:netty-codec-http
4.1.128.Final
fixed in 4.2.8.Final, 4.1.129.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-41417MEDIUM5.52
io.netty:netty-codec-http
4.1.128.Final
fixed in 4.1.133.Final, 4.2.13.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42580MEDIUM5.52
io.netty:netty-codec-http
4.1.128.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-0636MEDIUM5.52
org.bouncycastle:bcprov-jdk18on
1.82
fixed in 1.84
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-14559MEDIUM5.52
org.keycloak:keycloak-services
26.5.1
fixed in 26.5.2, 26.4.9
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-37979MEDIUM5.52
org.keycloak:keycloak-services
26.5.1
fixed in 26.6.2
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-9792MEDIUM5.52
org.keycloak:keycloak-services
26.5.1
fixed in 26.6.3
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-25646MEDIUM5.5
java-21-openjdk-headless
1:21.0.9.0.10-2.el9
No fix yet
1.0%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-44249MEDIUM5.5
io.netty:netty-handler
4.1.128.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.6%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-54370MEDIUM5.35
libacl
2.3.1-4.el9
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-54371MEDIUM5.35
libattr
2.5.1-3.el9
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-13757MEDIUM5.27
p11-kit-trust
0.25.3-3.el9_5
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-64506MEDIUM5.18
java-21-openjdk-headless
1:21.0.9.0.10-2.el9
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-21933MEDIUM5.18
java-21-openjdk-headless
1:21.0.9.0.10-2.el9
fixed in 1:21.0.10.0.7-1.el9
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-5435MEDIUM5.02
glibc
2.34-231.el9_7.2
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-15281MEDIUM5.02
glibc
2.34-231.el9_7.2
fixed in 2.34-231.el9_7.10
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-5435MEDIUM5.02
glibc-common
2.34-231.el9_7.2
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-5435MEDIUM5.02
glibc-langpack-en
2.34-231.el9_7.2
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2020-12413MEDIUM5.02
nspr
4.36.0-4.el9_4
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2020-12413MEDIUM5.02
nss
3.112.0-4.el9_4
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2020-12413MEDIUM5.02
nss-softokn
3.112.0-4.el9_4
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2020-12413MEDIUM5.02
nss-softokn-freebl
3.112.0-4.el9_4
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2020-12413MEDIUM5.02
nss-sysinit
3.112.0-4.el9_4
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2020-12413MEDIUM5.02
nss-util
3.112.0-4.el9_4
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-27171MEDIUM4.67
java-21-openjdk-headless
1:21.0.9.0.10-2.el9
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2021-46195MEDIUM4.67
libgcc
11.5.0-11.el9
No fix yet
0.8%
Theoretical Threat
Directly Exposed
CVE-2022-27943MEDIUM4.67
libgcc
11.5.0-11.el9
No fix yet
0.9%
Theoretical Threat
Directly Exposed
CVE-2024-0232MEDIUM4.67
sqlite-libs
3.34.1-9.el9_7
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-27171MEDIUM4.67
zlib
1.2.11-40.el9
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-14778MEDIUM4.59
org.keycloak:keycloak-services
26.5.1
fixed in 26.2.13, 26.5.3, 26.4.9
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-7500MEDIUM4.59
org.keycloak:keycloak-services
26.5.1
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-8922MEDIUM4.59
org.keycloak:keycloak-services
26.5.1
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-0915MEDIUM4.5
glibc
2.34-231.el9_7.2
fixed in 2.34-231.el9_7.10
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-4046MEDIUM4.5
glibc
2.34-231.el9_7.2
fixed in 2.34-270.el9_8
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-4046MEDIUM4.5
glibc-common
2.34-231.el9_7.2
fixed in 2.34-270.el9_8
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-4046MEDIUM4.5
glibc-langpack-en
2.34-231.el9_7.2
fixed in 2.34-270.el9_8
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-22013MEDIUM4.5
java-21-openjdk-headless
1:21.0.9.0.10-2.el9
fixed in 1:21.0.11.0.10-2.el9
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-22021MEDIUM4.5
java-21-openjdk-headless
1:21.0.9.0.10-2.el9
fixed in 1:21.0.11.0.10-2.el9
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-22693MEDIUM4.5
java-21-openjdk-headless
1:21.0.9.0.10-2.el9
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-23865MEDIUM4.5
java-21-openjdk-headless
1:21.0.9.0.10-2.el9
fixed in 1:21.0.11.0.10-2.el9
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-54514MEDIUM4.5
com.fasterxml.jackson.core:jackson-databind
2.19.2
fixed in 2.18.8, 2.21.4, 3.1.4
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-54515MEDIUM4.5
com.fasterxml.jackson.core:jackson-databind
2.19.2
fixed in 3.1.4, 2.18.9, 2.21.5, 2.22.1
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-50020MEDIUM4.5
io.netty:netty-codec-http
4.1.128.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-47244MEDIUM4.5
io.netty:netty-codec-http2
4.1.128.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-50560MEDIUM4.5
io.netty:netty-codec-http2
4.1.128.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-1002MEDIUM4.5
io.vertx:vertx-core
4.5.22
fixed in 4.5.24, 5.0.7
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-6860MEDIUM4.5
io.vertx:vertx-core
4.5.22
fixed in 4.5.27, 5.0.12
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-2575MEDIUM4.5
org.keycloak:keycloak-saml-core
26.5.1
fixed in 26.5.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-2575MEDIUM4.5
org.keycloak:keycloak-services
26.5.1
fixed in 26.5.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-4325MEDIUM4.5
org.keycloak:keycloak-services
26.5.1
fixed in 26.5.7
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-9794MEDIUM4.5
org.keycloak:keycloak-services
26.5.1
fixed in 26.6.3
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-9803MEDIUM4.5
org.keycloak:keycloak-services
26.5.1
fixed in 26.6.3
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-37977MEDIUM4.5
org.keycloak:keycloak-services
26.5.1
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-5450MEDIUM4.25
glibc
2.34-231.el9_7.2
fixed in 2.34-272.el9_8
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-5928MEDIUM4.25
glibc
2.34-231.el9_7.2
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-5450MEDIUM4.25
glibc-common
2.34-231.el9_7.2
fixed in 2.34-272.el9_8
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-5928MEDIUM4.25
glibc-common
2.34-231.el9_7.2
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-5450MEDIUM4.25
glibc-langpack-en
2.34-231.el9_7.2
fixed in 2.34-272.el9_8
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-5928MEDIUM4.25
glibc-langpack-en
2.34-231.el9_7.2
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-28164MEDIUM4.25
java-21-openjdk-headless
1:21.0.9.0.10-2.el9
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-11537MEDIUM4.25
org.keycloak:keycloak-quarkus-server
26.5.1
fixed in 26.5.6
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-9801MEDIUM4.17
org.keycloak:keycloak-ldap-federation
26.5.1
fixed in 26.6.3
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-0871MEDIUM4.17
org.keycloak:keycloak-server-spi-private
26.5.1
fixed in 26.5.2
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-37978MEDIUM4.17
org.keycloak:keycloak-services
26.5.1
fixed in 26.6.2
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-21925MEDIUM4.08
java-21-openjdk-headless
1:21.0.9.0.10-2.el9
fixed in 1:21.0.10.0.7-1.el9
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-37980MEDIUM4.08
org.keycloak:keycloak-services
26.5.1
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-64505LOW3.74
java-21-openjdk-headless
1:21.0.9.0.10-2.el9
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-34757LOW3.74
java-21-openjdk-headless
1:21.0.9.0.10-2.el9
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-3190LOW3.65
org.keycloak:keycloak-model-jpa
26.5.1
fixed in 26.5.6
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-3190LOW3.65
org.keycloak:keycloak-server-spi-private
26.5.1
fixed in 26.5.6
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-9791LOW3.65
org.keycloak:keycloak-server-spi-private
26.5.1
fixed in 26.6.3
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-3190LOW3.65
org.keycloak:keycloak-services
26.5.1
fixed in 26.5.6
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-37981LOW3.65
org.keycloak:keycloak-services
26.5.1
fixed in 26.4.12, 26.6.2
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-4628LOW3.65
org.keycloak:keycloak-services
26.5.1
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-8830LOW3.65
org.keycloak:keycloak-services
26.5.1
fixed in 26.6.3
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-9791LOW3.65
org.keycloak:keycloak-services
26.5.1
fixed in 26.6.3
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-9798LOW3.65
org.keycloak:keycloak-services
26.5.1
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-3429LOW3.57
org.keycloak:keycloak-services
26.5.1
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-9689LOW3.57
org.keycloak:keycloak-services
26.5.1
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4438LOW3.4
glibc
2.34-231.el9_7.2
fixed in 2.34-270.el9_8
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4438LOW3.4
glibc-common
2.34-231.el9_7.2
fixed in 2.34-270.el9_8
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4438LOW3.4
glibc-langpack-en
2.34-231.el9_7.2
fixed in 2.34-270.el9_8
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-45536LOW3.4
io.netty:netty-transport-native-epoll
4.1.128.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-2733LOW3.23
org.keycloak:keycloak-services
26.5.1
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-5958LOW3.21
sed
4.8-9.el9
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-22018LOW3.15
java-21-openjdk-headless
1:21.0.9.0.10-2.el9
fixed in 1:21.0.11.0.10-2.el9
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-4633LOW3.15
org.keycloak:keycloak-services
26.5.1
fixed in 26.6.1, 26.4.12
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-70873LOW2.8
sqlite-libs
3.34.1-9.el9_7
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-2100LOW2.7
p11-kit-trust
0.25.3-3.el9_5
fixed in 0.26.2-1.el9
1.2%
Low-Moderate Risk
Post-Exploit
CVE-2026-1190LOW2.63
org.keycloak:keycloak-services
26.5.1
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-4874LOW2.63
org.keycloak:keycloak-services
26.5.1
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-0861LOW2.48
glibc
2.34-231.el9_7.2
fixed in 2.34-231.el9_7.10
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-59250LOW2.48
com.microsoft.sqlserver:mssql-jdbc
13.2.1
fixed in 10.2.4.jre11, 11.2.4.jre11, 12.2.1.jre11, 12.6.5.jre11, 12.8.2.jre11, 12.10.2.jre11, 13.2.1.jre11
0.7%
Theoretical Threat
Post-Exploit
CVE-2026-22007LOW2.46
java-21-openjdk-headless
1:21.0.9.0.10-2.el9
fixed in 1:21.0.11.0.10-2.el9
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-34268LOW2.46
java-21-openjdk-headless
1:21.0.9.0.10-2.el9
fixed in 1:21.0.11.0.10-2.el9
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-13881LOW2.29
org.keycloak:keycloak-services
26.5.1
fixed in 26.5.2, 26.4.9
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-3911LOW2.29
org.keycloak:keycloak-services
26.5.1
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-5278LOW2.24
coreutils-single
8.32-39.el9
fixed in 8.32-41.el9_8
0.2%
Theoretical Threat
Post-Exploit
CVE-2023-50495NONE0
ncurses-base
6.2-12.20210508.el9
No fix yet
1.0%
Theoretical Threat
Not Applicable
CVE-2023-50495NONE0
ncurses-libs
6.2-12.20210508.el9
No fix yet
1.0%
Theoretical Threat
Not Applicable
CVE-2026-22020NONE0
java-21-openjdk-headless
1:21.0.9.0.10-2.el9
No fix yet
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.19.2
fixed in 2.21.1, 2.18.6
Not Applicable

Want to check another image? Run a full scan with the Docker Security Scanner.