HIGH 7.3

CVE-2026-9795: Keycloak FGAPv2 Fine-Grained Admin Permissions Bypass

A flaw in Keycloak's Fine-Grained Admin Permissions (FGAPv2) feature allows a limited administrator to bypass security controls and inject high-privilege roles into a client application. When users authenticate to that client, the injected roles appear in their authentication tokens, granting them unauthorized access. An attacker with restricted admin rights can escalate their own permissions or those of other users without triggering standard approval workflows.

Source data · NVD / CISA · public domain

CVSS
3.1 · 7.3 HIGH · CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N
Weaknesses (CWE)
CWE-266
Affected products
1 configuration(s)
Published / Modified
2026-05-28 / 2026-06-30

NVD description (verbatim)

A flaw was found in Keycloak's Fine-Grained Admin Permissions (FGAPv2) feature. An administrator with limited client management permissions can exploit this vulnerability to assign any realm role, including highly privileged roles, to a client's scope mapping. This bypasses intended security controls, allowing the injected role to be projected into a user's authentication token when they access the modified client. This could lead to unauthorized privilege escalation within the Keycloak realm.

13 reference(s) · View on NVD →

SEC.co analysis · AI-assisted, reviewed against source

Technical summary

CVE-2026-9795 affects Keycloak's FGAPv2 authorization model. The vulnerability exists in scope mapping enforcement: an administrator with confined client management permissions can manipulate client role mappings to include realm-level roles that should be restricted by their administrative scope. Because FGAPv2 is designed to compartmentalize admin capabilities, this represents a direct bypass of the intended permission hierarchy. When a user logs into the affected client, the OpenID Connect token (id_token or access_token) includes the injected realm roles, allowing the client application to treat the user as if they possessed those privileges. The vulnerability requires high privilege (PR:H) and user interaction (UI:R), but affects cross-realm scope (S:C), meaning the blast radius extends beyond a single isolated system.

Business impact

If an organization uses Keycloak to centralize identity and access management across multiple applications and realms, a compromised or malicious admin account can escalate privileges across all dependent systems simultaneously. Clients relying on Keycloak's role assertions for authorization decisions may grant sensitive permissions (e.g., financial transactions, data export, account modification) to unauthenticated or under-privileged users. This directly impacts compliance posture if role-based access control (RBAC) is audited or mandated by regulation. Recovery requires token revocation, session termination, and role audit across all affected applications.

Affected systems

Red Hat build of Keycloak is the confirmed affected product. This includes all deployments using Keycloak's FGAPv2 feature for administrative role delegation. Organizations using Keycloak as a central authentication provider for SaaS applications, microservices, or federated identity scenarios are at risk. The vulnerability is scoped to admins with client management rights, so air-gapped or highly restricted admin environments face lower exposure; however, any organization with multiple admins or delegated administrative privileges should assess their current FGAPv2 configuration.

Exploitability

Exploitation requires an authenticated administrator account with client management permissions—a high-privilege prerequisite that limits immediate external attack surface. However, the required user interaction (UI:R in the CVSS vector) is minimal and may be satisfied by the attacker's own admin session. The attack is deterministic once an admin account is compromised or maliciously provisioned, making it attractive in insider threat scenarios or post-compromise persistence strategies. No public exploit code or active exploitation in the wild has been reported to date (KEV status: not listed).

Remediation

Organizations must apply patches from Red Hat as they become available. Until patching is feasible, implement compensating controls: audit admin account creation and scope assignments, restrict client management permissions to a minimal set of trusted personnel, and enforce multi-factor authentication for all admin accounts. Review recent scope mappings and role assignments to clients; any unexpected high-privilege roles should be revoked immediately. Consider disabling FGAPv2 temporarily if your security posture permits, reverting to role-based admin access pending patched deployment.

Patch guidance

Verify Red Hat's official Keycloak advisory for patched versions. Apply updates to all Keycloak instances in your infrastructure, including development, staging, and production environments. Given the cross-realm impact (S:C vector), a staggered rollout with careful pre-production testing is recommended to ensure no role-dependent workflows break. After patching, re-test FGAPv2 permission boundaries to confirm the fix; Red Hat's advisory will include validation steps.

Detection guidance

Enable Keycloak's audit logging and export logs to a SIEM. Search for admin actions that assign realm roles to client scope mappings, particularly assignments of high-privilege roles (e.g., 'admin', 'manage-users', 'manage-roles') by accounts with limited permissions. Monitor token content (via JWT inspection or OIDC introspection endpoints) for unexpected role inflation in tokens issued to a specific client. Set alerts for scope mapping modifications by any admin account. Review cross-realm token flows if your deployment spans multiple realms; unexplained realm-role propagation to child realms is a leading indicator.

Why prioritize this

This vulnerability scores HIGH (7.3 CVSS) due to high confidentiality and integrity impact (C:H/I:H), despite requiring high privilege and user interaction to exploit. The cross-realm scope (S:C) means a single compromise can affect multiple applications and user populations. The fine-grained permissions feature is typically deployed in organizations with complex administrative hierarchies or multi-tenant SaaS platforms, amplifying blast radius. While not yet in the Known Exploited Vulnerabilities catalog, the low complexity (AC:H) and intuitive attack path make it attractive to insiders or post-compromise persistence actors. Organizations using Keycloak for sensitive workloads should treat this as high priority for immediate audit and patching.

Risk score, explained

CVSS 7.3 reflects: (1) high confidentiality impact—users gain unauthorized access to sensitive data or functionality; (2) high integrity impact—admin permissions are altered without authorization; (3) no availability impact—the Keycloak system itself remains operational; (4) cross-realm scope amplifies the reach; (5) high privilege requirement and human interaction reduce the attack surface to insider or post-compromise scenarios. The score does not account for organizational context; environments where Keycloak controls access to critical systems or PII should consider their own risk as CRITICAL regardless of CVSS.

Frequently asked questions

If we don't use FGAPv2 for admin role delegation, are we affected?

Likely not. This vulnerability is specific to the Fine-Grained Admin Permissions v2 feature. If your Keycloak deployment uses traditional role-based admin access (realm-admin, manage-users, etc.) without FGAPv2, you are not affected. Review your realm configuration to confirm FGAPv2 is disabled or unused.

How can we detect if this vulnerability has been exploited in our environment?

Examine your Keycloak audit logs and OAuth2/OIDC token logs for unexpected realm-role additions to client scope mappings, especially by admin accounts with restricted permissions. Cross-check issued tokens (via OIDC introspection) against approved role assignments. If a user's token contains a realm role they should not have, investigate the client they accessed and the admin account that provisioned the mapping.

Do we need to revoke all admin sessions if we suspect exploitation?

Yes. Revoke all active admin sessions immediately, reset credentials for suspected accounts, and conduct a full audit of recent admin actions. Generate a list of all users and their roles, comparing it against your access control matrix. Any discrepancies should trigger privilege revocation and user notification. After patching, require all admins to re-authenticate.

What's the difference between this flaw and a general privilege escalation?

This is specifically a permission-boundary bypass: FGAPv2 is designed to let admins manage only a subset of roles, but the flaw allows an admin to assign *any* role, including those outside their intended scope. A general privilege escalation might be an attacker gaining any higher privilege; this is a *scoped* escalation that breaks the administrative permission model.

This analysis is based on the published CVE-2026-9795 description and CVSS vector as of the modification date (2026-06-30). Verify all patch versions and remediation steps against Red Hat's official security advisory before implementation. No exploit code or proof-of-concept is provided. Organizations should conduct their own risk assessment based on deployment topology, data sensitivity, and admin access patterns. SEC.co does not assume liability for actions taken in response to this intelligence. Source: NVD (public-domain), retrieved 2026-07-07. Analysis generated by SEC.co (claude-haiku-4-5).