Keycloak Privilege Escalation Vulnerability via TOCTOU Race Condition

Vulnerability

A privilege escalation vulnerability has been identified in Keycloak. It arises from a time-of-check to time-of-use (TOCTOU) race condition in the name-based admin role checks: the authorization decision is made against a role name, and the name can be resolved to a different role by the time the privileged operation is carried out. An authenticated administrator holding only the 'manage-clients' role can exploit this to obtain the 'realm-admin' role (the composite role in the realm-management client that carries every realm-level administrative permission) for any user in the realm, which gives full administrative control over that realm. Because the escalated grant is persisted as a normal role assignment, it survives revocation of the attacker's own permissions and system restarts; revoking the attacker's access is therefore not sufficient remediation, and role assignments made during the exposure window must be audited and removed.
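
The following is an added illustration of the class of bug described above, not Keycloak's code and not the actual vulnerable code path. It models a role grant that checks a caller-supplied role name, then resolves that name a second time at the point of use, so a concurrent rename in the gap changes which role is granted. Beside it is a hardened variant that resolves the name once and makes both the check and the grant on the role's stable identifier, under one lock, against the authoritative record. The store, role ids, role names and the `swap_names` interleaving are all constructed for the example.

```python
"""Name-based authorization check with a TOCTOU gap, beside a hardened form.

Hypothetical model, not Keycloak code. Every id, name and store here is
constructed for the example.
"""
import threading
from dataclasses import dataclass
from typing import Callable, Dict, Optional, Set


class PermissionDenied(Exception):
    pass


@dataclass
class Role:
    id: str    # stable identifier; never changes once the role exists
    name: str  # lookup name; an administrator can change it


class RoleStore:
    """In-memory stand-in for a realm's role table (constructed)."""

    def __init__(self) -> None:
        self.lock = threading.RLock()
        self._roles: Dict[str, Role] = {}
        # Ids of roles a manage-clients admin must never be able to hand out.
        self.privileged_ids: Set[str] = set()

    def add(self, role: Role, privileged: bool = False) -> None:
        with self.lock:
            self._roles[role.id] = role
            if privileged:
                self.privileged_ids.add(role.id)

    def by_id(self, rid: str) -> Optional[Role]:
        with self.lock:
            return self._roles.get(rid)

    def by_name(self, name: str) -> Optional[Role]:
        with self.lock:
            return next((r for r in self._roles.values() if r.name == name), None)

    def rename(self, rid: str, new_name: str) -> None:
        with self.lock:
            self._roles[rid].name = new_name


# Grants are stored by role id, which is why a wrongly granted role keeps
# working after the attacker's own permissions are revoked.
Grants = Dict[str, Set[str]]
Interleave = Callable[[], None]


def grant_vulnerable(store: RoleStore, grants: Grants, user: str,
                     role_name: str, interleave: Interleave = lambda: None) -> str:
    """Time of check and time of use both key off the caller-supplied name."""
    role = store.by_name(role_name)            # time of check
    if role is None:
        raise LookupError(role_name)
    if role.id in store.privileged_ids:
        raise PermissionDenied(role_name)
    interleave()                               # a concurrent request runs here
    role = store.by_name(role_name)            # time of use: resolved again
    if role is None:
        raise LookupError(role_name)
    grants.setdefault(user, set()).add(role.id)
    return role.id


def grant_hardened(store: RoleStore, grants: Grants, user: str,
                   role_name: str, interleave: Interleave = lambda: None) -> str:
    """Resolve once; check and grant on the stable id under a single lock."""
    role = store.by_name(role_name)
    if role is None:
        raise LookupError(role_name)
    interleave()                               # a rename here cannot change role.id
    with store.lock:
        current = store.by_id(role.id)         # authoritative record at time of use
        if current is None:
            raise LookupError(role_name)
        if current.id in store.privileged_ids:
            raise PermissionDenied(current.name)
        grants.setdefault(user, set()).add(current.id)
        return current.id


def make_realm() -> RoleStore:
    store = RoleStore()
    store.add(Role("role-0001", "view-clients"))
    store.add(Role("role-0002", "realm-admin"), privileged=True)
    return store


def swap_names(store: RoleStore) -> None:
    """Concurrent actor: make 'view-clients' resolve to the realm-admin role."""
    with store.lock:
        store.rename("role-0001", "view-clients-renamed")
        store.rename("role-0002", "view-clients")


def demo() -> Dict[str, str]:
    results: Dict[str, str] = {}
    store, grants = make_realm(), {}
    results["vulnerable"] = grant_vulnerable(
        store, grants, "alice", "view-clients", interleave=lambda: swap_names(store))
    store, grants = make_realm(), {}
    results["hardened_after_resolve"] = grant_hardened(
        store, grants, "alice", "view-clients", interleave=lambda: swap_names(store))
    store, grants = make_realm(), {}
    swap_names(store)                          # rename lands before resolution
    try:
        grant_hardened(store, grants, "alice", "view-clients")
        results["hardened_before_resolve"] = "granted"
    except PermissionDenied:
        results["hardened_before_resolve"] = "denied"
    return results
```

Running `demo()` shows the vulnerable path handing out `role-0002` (the privileged role) even though the check passed, while the hardened path grants the role the caller actually named or refuses, whichever side of the resolution the rename lands on. The design point is that a name is a mutable lookup key, not an identity: once the decision is bound to the immutable id and the grant uses that same id, the window between check and use no longer exists to be raced.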

Impact

Exploitation allows an authenticated administrator with only the 'manage-clients' role to obtain 'realm-admin' privileges for any user in the realm. This defeats Keycloak's role-based separation of administrative duties and grants full control over the affected realm, and the resulting grants remain in place until they are explicitly found and removed.

Added: May 28, 2026, 5:54 AM
Updated: May 28, 2026, 5:54 AM

Vulnerability Rating

Custom Algorithm

  category        score
  spread          5.2
  impact          2.5
  exploitability  5.0
  remediation     0.0
  relevance       9.6
  threat          0.0
  urgency         2.9
  incentive       0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.