Configuration in Keycloak - CVE-2025-11538

Published: November 18, 2025 / Updated: December 1, 2025

Vulnerability identifier: #VU118581
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2025-11538
CWE-ID: CWE-16
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Keycloak
Affected software:
Keycloak

Detailed vulnerability description

The issue may allow a remote attacker to gain unauthorized access to the application.

The issue exists due to an insecure default configuration of the server when debug mode is enabled: the Java Debug Wire Protocol (JDWP) port is bound to all network interfaces (0.0.0.0) by default, exposing the debug interface to remote attackers.

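As an added example that is not part of this advisory or of Keycloak's own code, the following Python helper audits a JVM command line for the JDWP listener described above and reports whether its bind address exposes the debugger beyond loopback. The sample command lines and the quarkus-run.jar name are constructed, and the JDK 8 versus JDK 9+ bare-port behaviour is stated as an assumption about the JVM, not about Keycloak.

```python
import re
import shlex
from dataclasses import dataclass
from typing import Optional

# Hypothetical audit helper (not Keycloak's own code): locate the JDWP agent
# option in a JVM command line and decide whether the debug listener is
# reachable from other hosts, i.e. the "bound to 0.0.0.0" condition above.
JDWP_OPT = re.compile(r"^-(?:agentlib:jdwp=|Xrunjdwp:)(.*)$")
LOOPBACK_HOSTS = {"localhost", "127.0.0.1", "::1", "0:0:0:0:0:0:0:1"}

# Constructed sample command lines: the weak wildcard bind beside a loopback one.
WEAK_CMDLINE = "java -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:8787 -jar quarkus-run.jar"
SAFE_CMDLINE = "java -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=127.0.0.1:8787 -jar quarkus-run.jar"

@dataclass
class JdwpListener:
    host: Optional[str]  # None when only a port was given
    port: str
    exposed: bool        # True if a remote host could attach a debugger

def parse_jdwp_options(spec: str) -> dict:
    """Turn 'transport=dt_socket,server=y,address=*:8787' into a dict."""
    pairs = (item.partition("=") for item in spec.split(",") if item)
    return {key.strip(): value.strip() for key, _, value in pairs}

def split_address(address: str):
    """Split 'host:port', '[::]:port' or a bare 'port' into (host, port)."""
    if ":" not in address:
        return None, address
    host, _, port = address.rpartition(":")
    return host.strip("[]"), port

def audit_jvm_cmdline(cmdline: str, legacy_jdk: bool = False) -> Optional[JdwpListener]:
    """Return the JDWP listener configured in cmdline, or None if there is none.
    legacy_jdk=True models JDK 8 and earlier, where a bare port listens on every
    interface; JDK 9+ binds a bare port to loopback only (assumption about the JVM).
    """
    for arg in shlex.split(cmdline):
        match = JDWP_OPT.match(arg)
        if not match:
            continue
        opts = parse_jdwp_options(match.group(1))
        if opts.get("server", "n") != "y":
            return None  # client mode: the JVM connects out, nothing listens
        host, port = split_address(opts.get("address", ""))
        exposed = legacy_jdk if host is None else host.lower() not in LOOPBACK_HOSTS
        return JdwpListener(host, port, exposed)
    return None
```

Run it over the command lines of running Java processes (for example from `ps -o args=`) and treat any result with `exposed == True` as the condition this advisory describes.
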
How to mitigate CVE-2025-11538

Install updates from the vendor's website.

Sources