Keycloak Vulnerability in Single Use Object Provider Allows Unauthorized Access
CVE-2026-4325

5.3MEDIUM

Key Information:

Vendor: Red Hat
Status: Red Hat Build Of Keycloak 26.2; Red Hat Build Of Keycloak 26.2.15; Red Hat Build Of Keycloak 26.4; Red Hat Build Of Keycloak 26.4.11
Vendor: CVE Published:; 2 April 2026

🔔 Create Red Hat Vulnerability Alert

What is CVE-2026-4325?

A flaw in Keycloak's SingleUseObjectProvider, a global key-value store, compromises type and namespace isolation. This vulnerability allows attackers to delete arbitrary single-use entries, which can lead to replay attacks on consumed action tokens such as password reset links, potentially resulting in unauthorized access or account compromise.

Affected Version(s)

Red Hat build of Keycloak 26.2 26.2.15-1

Red Hat build of Keycloak 26.2 26.2-18

Red Hat build of Keycloak 26.2 26.2-18

References

https://access.redhat.com/errata/RHSA-2026:6475

vendor-advisoryx_refsource_REDHAT

https://access.redhat.com/errata/RHSA-2026:6476

vendor-advisoryx_refsource_REDHAT

https://access.redhat.com/errata/RHSA-2026:6477

vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 2, 2026
Vulnerability Reserved
Mar 17, 2026

Credit

Red Hat would like to thank Ngọc Chung Kim for reporting this issue.

CVE-2026-4325 Data

.