- Issued: 2025-07-28
- Updated: 2025-07-28
RHSA-2025:11987 - Security Advisory
Synopsis
Moderate: Red Hat build of Keycloak 26.0.13 Update
Type/Severity
Security Advisory: Moderate
Topic
New Red Hat build of Keycloak 26.0.13 packages are available from the Customer Portal.
Description
Red Hat build of Keycloak 26.0.13 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
Security fixes:
- Phishing attack via email verification step in first login flow
Solution
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
Affected Products
- Red Hat build of Keycloak Text-only Advisories x86_64
Fixes
- BZ - 2378852 - CVE-2025-7365 keycloak: Phishing attack via email verification step in first login flow
CVEs
- CVE-2025-7365
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.