Sensitive Data Exposure in Keycloak Logging Configuration
CVE-2025-11537

5 MEDIUM

Key Information:

Vendor:
Red Hat

CVE Published:
10 February 2026

What is CVE-2025-11537?

A vulnerability in Keycloak's logging configuration allows the disclosure of sensitive data, such as Authorization headers and cookies, when verbose logging is enabled with user-defined patterns. Log files may then contain credentials in cleartext, which any attacker with read access to those logs can recover. Such access can lead to serious security risks, including user impersonation and account takeover.
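As a defender's check for the exposure described above, here is an added example (not Keycloak's or Red Hat's code) that scans log lines for credential-bearing fields and redacts them before the logs are shipped or shared. The sample lines are constructed for this example and are not real Keycloak output; the `headers={...}` layout is an assumed shape for what a verbose user-defined pattern might echo, not Keycloak's actual log format, and the cookie names in the sample are assumptions as well.

```python
import re
from dataclasses import dataclass

# Constructed sample log lines for this example. They are NOT real Keycloak
# output; the "headers={...}" layout stands in for whatever a verbose,
# user-defined log pattern might echo into the file.
SAMPLE_LOG = """\
2026-02-10 12:00:01,123 INFO  [org.keycloak.events] (executor-thread-1) type=LOGIN, realmId=master, clientId=account
2026-02-10 12:00:02,456 DEBUG [org.keycloak.services] (executor-thread-2) headers={Authorization=Bearer eyJhbGciOiJSUzI1NiJ9.e30.abc123, Cookie=KEYCLOAK_IDENTITY=eyJhbGciOi.def456; AUTH_SESSION_ID=9f1e2d3c, Accept=*/*}
2026-02-10 12:00:03,789 DEBUG [org.keycloak.services] (executor-thread-3) headers={Accept=*/*, User-Agent=curl/8.0}
"""

# Request headers whose values are credentials, logged as "Name=value" pairs.
HEADER_RE = re.compile(r"(?i)\b(Authorization|Proxy-Authorization|Cookie|Set-Cookie)=([^,}\n]+)")
# Individual "name=value" pairs inside a Cookie header value.
COOKIE_PAIR_RE = re.compile(r"([A-Za-z0-9_\-]+)=([^;\s]+)")
# Bare HTTP auth credentials that appear without a header name.
TOKEN_RE = re.compile(r"\b(Bearer|Basic)\s+([A-Za-z0-9\-_.=+/]{16,})")


@dataclass
class Finding:
    lineno: int
    fields: list[str]  # credential-bearing fields found on the line


def redact_line(line: str) -> tuple[str, list[str]]:
    """Redact credential values in one log line; return (clean_line, field_names)."""
    names: list[str] = []

    def sub_header(m: re.Match) -> str:
        name, value = m.group(1), m.group(2)
        if name.lower() in ("cookie", "set-cookie"):
            # Keep cookie names (useful for triage), hide only their values.
            def sub_pair(p: re.Match) -> str:
                names.append(f"{name}:{p.group(1)}")
                return f"{p.group(1)}=[REDACTED]"
            return f"{name}={COOKIE_PAIR_RE.sub(sub_pair, value)}"
        names.append(name)
        return f"{name}=[REDACTED]"

    def sub_token(m: re.Match) -> str:
        names.append(f"{m.group(1)} token")
        return f"{m.group(1)} [REDACTED]"

    line = HEADER_RE.sub(sub_header, line)
    line = TOKEN_RE.sub(sub_token, line)  # catches tokens not tied to a header
    return line, names


def scan_log(text: str) -> list[Finding]:
    """Report which lines of a log carry credentials (for alerting and triage)."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        _, names = redact_line(line)
        if names:
            findings.append(Finding(lineno, names))
    return findings


def redact_log(text: str) -> str:
    """Return the log with credential values replaced, one line per input line."""
    return "\n".join(redact_line(line)[0] for line in text.splitlines())


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"line {f.lineno}: leaked {', '.join(f.fields)}")
    print(redact_log(SAMPLE_LOG))
```

`scan_log` is the detection side (feed it to an alert when a verbose pattern has been left on in production); `redact_log` is the containment side for logs that must be retained or forwarded. Header values are matched up to the next comma or closing brace, which suits the assumed layout; adjust the regexes to the actual pattern in use.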

CVSS v3.1

Score: 5
Severity: MEDIUM
Confidentiality: High
Integrity: None
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Unchanged

Timeline

  • Vulnerability published: 10 February 2026
  • Vulnerability reserved