Red Hat Keycloak
cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*
A vulnerability in Keycloak allows sensitive headers, including Authorization and Cookie, to be logged in cleartext when the logging format is set to a verbose, user-defined pattern, such as the 'long' pattern. This flaw enables an attacker with access to the log files to extract credentials like bearer tokens and session cookies, which can be used to impersonate users and fully compromise their accounts.
Exploitation of this vulnerability could lead to unauthorized access and full account compromise for users whose credentials are logged in cleartext.
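For defenders who need to check whether an existing verbose log pattern has already captured such headers, the following is an added example (written for this page, not code from Red Hat or the Keycloak project). It scans log lines for Authorization, Cookie and Set-Cookie fragments, reports which lines leak them, and produces a redacted copy that is safe to share with a support case. The log lines and the header layout inside them are constructed for the example; the real layout depends on the pattern configured on the server.

```python
import re

# Header names the advisory calls out as sensitive (Set-Cookie is included
# because response logging leaks the same session material).
SENSITIVE_HEADERS = ("authorization", "set-cookie", "cookie")

# Matches "Header-Name: value" or "Header-Name=value" fragments anywhere in a
# log line, case-insensitively. The value runs up to the next comma, closing
# bracket/brace or end of line, which is how the constructed sample lines
# separate headers. Adjust the terminator set to your own log pattern.
_HEADER_RE = re.compile(
    r"(?i)\b(authorization|set-cookie|cookie)\s*[:=]\s*([^,\]\}\r\n]+)"
)


def find_sensitive_headers(line):
    """Return a list of (header_name, value) pairs found in one log line."""
    return [(m.group(1).lower(), m.group(2).strip()) for m in _HEADER_RE.finditer(line)]


def redact_line(line):
    """Return the line with every sensitive header value replaced by a marker."""
    return _HEADER_RE.sub(lambda m: f"{m.group(1)}: [REDACTED]", line)


def scan_log(lines):
    """Scan an iterable of log lines; return one finding per leaking line.

    Each finding records the 1-based line number, the sensitive header names
    seen on that line, and a redacted copy of the line.
    """
    findings = []
    for lineno, line in enumerate(lines, 1):
        hits = find_sensitive_headers(line)
        if hits:
            findings.append({
                "line": lineno,
                "headers": [name for name, _ in hits],
                "redacted": redact_line(line),
            })
    return findings


# Constructed sample log lines: a harmless line, a line leaking a bearer
# token, and a line leaking a session cookie. The timestamps, logger names,
# thread names and token values are made up for this example.
SAMPLE_LOG = [
    "2024-01-01 10:00:00,000 DEBUG [example.logger] (executor-thread-1) "
    "request headers: {Host: idp.example.test, User-Agent: curl/8.0}",
    "2024-01-01 10:00:01,000 DEBUG [example.logger] (executor-thread-1) "
    "request headers: {Authorization: Bearer eyJabc.def.ghi, Host: idp.example.test}",
    "2024-01-01 10:00:02,000 DEBUG [example.logger] (executor-thread-2) "
    "request headers: {Cookie: SESSION=abc123; OTHER=def456, Accept: */*}",
]


if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(f"line {finding['line']}: leaks {finding['headers']}")
        print(f"  redacted: {finding['redacted']}")
```

Run it against a real log file with `scan_log(open(path))`; a non-empty result means credentials in that file should be treated as exposed and rotated, independently of fixing the logging pattern.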