CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-7784

A flaw was found in the Keycloak identity and access management system when Fine-Grained Admin Permissions(FGAPv2) are enabled. An administrative user with the manage-users role can escalate their privileges to realm-admin due to improper privilege enforcement. This vulnerability allows unauthorized elevation of access rights, compromising the intended separation of administrative duties and posing a security risk to the realm.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 5.2%

CVSS Severity

CVSS v3 Score 6.5

References

https://access.redhat.com/errata/RHSA-2025:12015
https://access.redhat.com/errata/RHSA-2025:12016
https://access.redhat.com/security/cve/CVE-2025-7784
https://bugzilla.redhat.com/show_bug.cgi?id=2381861

Products affected by CVE-2025-7784

Redhat » Build Of Keycloak » Version: N/A

cpe:2.3:a:redhat:build_of_keycloak:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-7784

Products

Pricing

Contact Us