CVE-2026-9088: Keycloak Delegated Admin Bypass Information Disclosure Vulnerability
Keycloak contains a flaw in how it enforces user profile visibility rules for delegated administrators. An admin with permission to view group memberships and users can circumvent access controls by querying the group members endpoint, allowing them to see sensitive user attributes that should be hidden from them. This is a controlled-access issue—the attack requires administrative privileges and does not affect regular users or public-facing functionality.
Source data · NVD / CISA · public domain
- CVSS
- 3.1 · 2.7 LOW · CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
- Weaknesses (CWE)
- CWE-1220
- Affected products
- 0 configuration(s)
- Published / Modified
- 2026-06-05 / 2026-06-26
NVD description (verbatim)
A flaw was found in org.keycloak.services. An administrator with delegated access to read group memberships and users can bypass user profile permissions by accessing the group members endpoint. This allows the administrator to view user attributes that are explicitly configured to be denied, leading to information disclosure.
6 reference(s) · View on NVD →
SEC.co analysis · AI-assisted, reviewed against source
Technical summary
CVE-2026-9088 affects org.keycloak.services and stems from insufficient access control enforcement on the group members endpoint. The vulnerability allows a delegated administrator to bypass user profile permission checks designed to restrict visibility of certain user attributes. An attacker with group-read and user-read delegations can extract forbidden user data by directly querying the group members API, bypassing the profile-level authorization logic that should enforce attribute-level denial rules. The flaw is rooted in CWE-1220 (Improper Restriction of Rendered UI Layers or Frames), indicating a control bypass at the API layer.
Business impact
This vulnerability primarily affects organizations using Keycloak's role-based delegation model to separate administrative duties. If an administrator role is scoped to manage only certain groups or read user lists, a compromised or malicious delegated admin could extract personal information (phone numbers, email addresses, custom attributes) that the organization intentionally restricted from their role. The impact is information disclosure; no data modification or system availability impact occurs. Risk is highest in multi-tenant or federated identity scenarios where attribute privacy is a compliance or contractual requirement.
Affected systems
Keycloak deployments using delegated administrative roles with granular permission scoping are affected. The vulnerability applies to any instance where user profile attributes are configured with deny rules and delegated admins hold read permissions on groups or users. No specific version constraints were provided in the source data; verify the vendor advisory for affected Keycloak versions and patch availability.
Exploitability
Exploitation requires an existing admin account with delegated read access to groups and users—a non-trivial prerequisite that limits opportunistic attack. An attacker cannot exploit this remotely without valid credentials. Network access is required but automated; no user interaction or complex exploitation techniques are needed. The low CVSS score (2.7) reflects these constraints: high privilege requirement (PR:H), local scope impact, and read-only access (C:L, I:N, A:N).
Remediation
Apply the Keycloak patch addressing this authorization bypass when available from the vendor. Pending patch deployment, audit delegated administrative roles to confirm their scope aligns with organizational intent; remove unnecessary user-read or group-read permissions from roles that do not require them. Consider implementing additional API-level monitoring to detect unusual queries to the group members endpoint by delegated accounts.
Patch guidance
Check the Keycloak security advisories for a patched release addressing CVE-2026-9088. Apply patches to all Keycloak instances running vulnerable versions, prioritizing environments where delegated admin roles are in active use. Verify patch installation by confirming the group members endpoint enforces user profile permission rules and denies access to restricted attributes.
Detection guidance
Monitor Keycloak audit logs for repeated or bulk queries to the group members endpoint by delegated administrator accounts, particularly if followed by requests for user attributes marked as restricted. Log any access that returns user data contradicting the administrator's delegated permissions. Implement application-level instrumentation to flag unauthorized attribute disclosure attempts.
Why prioritize this
Although the CVSS score is low, this vulnerability warrants prompt patching because it undermines the administrative control model that many organizations rely on for compliance and data governance. The flaw is deterministic—if an admin has the necessary delegations, the exploit is trivial—and affects the integrity of access control assumptions. Organizations with strict attribute privacy requirements should prioritize remediation.
Risk score, explained
The CVSS 3.1 score of 2.7 reflects a flaw with high privilege requirement (PR:H), network accessibility (AV:N), low complexity attack (AC:L), unchanged scope (S:U), and limited confidentiality impact (C:L). No integrity or availability impact occurs. The score is appropriate for a delegated admin bypass with information disclosure only; however, the real-world risk depends on the sensitivity of restricted attributes and the trust assumptions for delegated roles in your deployment.
Frequently asked questions
Can an unauthenticated attacker exploit this vulnerability?
No. The attacker must hold a valid Keycloak administrator account with delegated permissions to read groups and users. Public users and regular authenticated users cannot exploit this flaw.
Does this vulnerability allow modification of user data or account takeover?
No. The vulnerability is read-only and results in unauthorized disclosure of user attributes. It does not permit data modification, privilege escalation, or lateral movement.
If we have strict admin role separation, are we still at risk?
Yes, if delegated admins are granted read permissions on users or groups, they can bypass attribute-level restrictions via the group members endpoint. Audit your delegated roles to confirm they have minimum necessary permissions.
Is this flaw tracked in the KEV catalog?
No. CVE-2026-9088 has not been added to CISA's Known Exploited Vulnerabilities catalog, indicating no evidence of active exploitation in the wild at the time of publication.
This analysis is based on publicly available CVE data and vendor documentation. No exploit code or weaponized proof-of-concept is provided. The remediation steps are general recommendations; verify all patch versions and deployment steps against official Keycloak security advisories before implementation. SEC.co does not assume liability for any actions taken in response to this guidance. Always test security patches in a non-production environment first. Source: NVD (public-domain), retrieved 2026-07-14. Analysis generated by SEC.co (claude-haiku-4-5).
Weaknesses (CWE)
Related vulnerabilities
- CVE-2024-42206LOWHCL iReflection Third-Party Component Vulnerability
- CVE-2025-12656LOWWPvivid Plugin Arbitrary Directory Deletion Vulnerability
- CVE-2025-48616LOWAndroid Lockdown Bypass via Screen Pinning Logic Error
- CVE-2025-52608LOWHCL iControl Missing Cookie Attributes Vulnerability
- CVE-2025-52609LOWHCL iControl Missing Security Headers XSS Vulnerability
- CVE-2025-52611LOWHCL iControl Stack Trace Disclosure (v4.0.0)
- CVE-2025-62338LOWHCL BigFix CLM Input Validation Flaw – Information Disclosure Risk
- CVE-2026-0016LOWAndroid Credential Manager Permission Bypass & Cross-User Data Disclosure