{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-11T19:11:45.222","vulnerabilities":[{"cve":{"id":"CVE-2026-1180","sourceIdentifier":"secalert@redhat.com","published":"2026-01-20T13:16:03.003","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was identified in Keycloak’s OpenID Connect Dynamic Client Registration feature when clients authenticate using private_key_jwt. The issue allows a client to specify an arbitrary jwks_uri, which Keycloak then retrieves without validating the destination. This enables attackers to coerce the Keycloak server into making HTTP requests to internal or restricted network resources. As a result, attackers can probe internal services and cloud metadata endpoints, creating an information disclosure and reconnaissance risk."},{"lang":"es","value":"Se identificó un fallo en la característica de registro dinámico de clientes de OpenID Connect de Keycloak cuando los clientes se autentican usando private_key_jwt. El problema permite a un cliente especificar una jwks_uri arbitraria, que Keycloak luego recupera sin validar el destino. Esto permite a los atacantes forzar al servidor de Keycloak a realizar solicitudes HTTP a recursos de red internos o restringidos. Como resultado, los atacantes pueden sondear servicios internos y puntos finales de metadatos en la nube, creando un riesgo de revelación de información y reconocimiento."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:6477","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:6478","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-1180","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2430781","source":"secalert@redhat.com"}]}}]}