{"id":"CLEANSTART-2026-VJ37814","summary":"Security fixes for CVE-2025-59250, CVE-2026-1002, CVE-2026-33870, CVE-2026-33871, CVE-2026-39852, CVE-2026-41417, CVE-2026-42198, CVE-2026-42577, CVE-2026-42578, CVE-2026-42579, CVE-2026-42580, CVE-2026-42581, CVE-2026-42583, CVE-2026-42584, CVE-2026-42585, CVE-2026-42587, CVE-2026-5588, CVE-2026-5598, ghsa-38f8-5428-x5cv, ghsa-3p8m-j85q-pgmj, ghsa-45p5-v273-3qqr, ghsa-45q3-82m4-75jr, ghsa-4cx2-fc23-5wg6, ghsa-57rv-r2g8-2cj3, ghsa-9342-92gg-6v29, ghsa-98qh-xjc8-98pq, ghsa-c3fc-8qff-9hwx, ghsa-cm33-6792-r9fm, ghsa-cphf-4846-3xx9, ghsa-fghv-69vj-qj49, ghsa-h5fg-jpgr-rv9c, ghsa-hq9p-pm7w-8p54, ghsa-j288-q9x7-2f5v, ghsa-m4cv-j2px-7723, ghsa-mj4r-2hfc-f8p6, ghsa-p93r-85wp-75v3, ghsa-pwqr-wmgm-9rr8, ghsa-rc95-pcm8-65v9, ghsa-rwm7-x88c-3g2p, ghsa-v8h7-rr48-vmmv, ghsa-w9fj-cfpg-grvv, ghsa-wg6q-6289-32hp, ghsa-xxqh-mfjm-7mv9 applied in versions: 26.1.4-r1, 26.4.11-r0, 26.4.11-r2","details":"Multiple security vulnerabilities affect the keycloak package. These issues are resolved in later releases. See references for individual vulnerability details.","modified":"2026-05-20T18:15:19.753231359Z","published":"2026-05-18T13:37:33.552809Z","upstream":["CVE-2025-59250","CVE-2026-1002","CVE-2026-33870","CVE-2026-33871","CVE-2026-39852","CVE-2026-41417","CVE-2026-42198","CVE-2026-42577","CVE-2026-42578","CVE-2026-42579","CVE-2026-42580","CVE-2026-42581","CVE-2026-42583","CVE-2026-42584","CVE-2026-42585","CVE-2026-42587","CVE-2026-5588","CVE-2026-5598","ghsa-38f8-5428-x5cv","ghsa-3p8m-j85q-pgmj","ghsa-45p5-v273-3qqr","ghsa-45q3-82m4-75jr","ghsa-4cx2-fc23-5wg6","ghsa-57rv-r2g8-2cj3","ghsa-9342-92gg-6v29","ghsa-98qh-xjc8-98pq","ghsa-c3fc-8qff-9hwx","ghsa-cm33-6792-r9fm","ghsa-cphf-4846-3xx9","ghsa-fghv-69vj-qj49","ghsa-h5fg-jpgr-rv9c","ghsa-hq9p-pm7w-8p54","ghsa-j288-q9x7-2f5v","ghsa-m4cv-j2px-7723","ghsa-mj4r-2hfc-f8p6","ghsa-p93r-85wp-75v3","ghsa-pwqr-wmgm-9rr8","ghsa-rc95-pcm8-65v9","ghsa-rwm7-x88c-3g2p","ghsa-v8h7-rr48-vmmv","ghsa-w9fj-cfpg-grvv","ghsa-wg6q-6289-32hp","ghsa-xxqh-mfjm-7mv9"],"database_specific":{},"references":[{"type":"ADVISORY","url":"https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-VJ37814.json"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2025-59250"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-1002"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-33870"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-33871"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-39852"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-41417"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-42198"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-42577"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-42578"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-42579"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-42580"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-42581"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-42583"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-42584"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-42585"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-42587"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-5588"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-5598"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-38f8-5428-x5cv"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-3p8m-j85q-pgmj"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-45p5-v273-3qqr"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-45q3-82m4-75jr"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-4cx2-fc23-5wg6"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-57rv-r2g8-2cj3"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-9342-92gg-6v29"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-98qh-xjc8-98pq"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-c3fc-8qff-9hwx"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-cm33-6792-r9fm"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-cphf-4846-3xx9"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-fghv-69vj-qj49"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-h5fg-jpgr-rv9c"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-hq9p-pm7w-8p54"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-j288-q9x7-2f5v"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-m4cv-j2px-7723"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-mj4r-2hfc-f8p6"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-p93r-85wp-75v3"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-pwqr-wmgm-9rr8"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-rc95-pcm8-65v9"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-rwm7-x88c-3g2p"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-v8h7-rr48-vmmv"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-w9fj-cfpg-grvv"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-wg6q-6289-32hp"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-xxqh-mfjm-7mv9"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-59250"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-1002"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33870"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33871"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-39852"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41417"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42198"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42577"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42578"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42579"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42580"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42581"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42583"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42584"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42585"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42587"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-5588"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-5598"}],"affected":[{"package":{"name":"keycloak","ecosystem":"CleanStart"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"26.4.11-r2"}]}],"database_specific":{"source":"https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-VJ37814.json"}}],"schema_version":"1.7.5"}