CVE-2025-14559

Published Jan 21, 2026

Last updated a month ago

CVSS medium 6.5
Business logic

Overview

Description
A flaw was found in the keycloak-services component of Keycloak. This vulnerability allows the issuance of access and refresh tokens for disabled users, leading to unauthorized use of previously revoked privileges, via a business logic vulnerability in the Token Exchange implementation when a privileged client invokes the token exchange flow.
Source
secalert@redhat.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
6.5
Impact score
5.2
Exploitability score
1.2
Vector string
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Severity
MEDIUM

Weaknesses

secalert@redhat.com
CWE-840

Social media

Hype score
Not currently trending

  1. CVE-2025-14559 Keycloak Token Exchange Vulnerability Enables Unauthorize... https://t.co/jpSOxRiv4A Don't wait vulnerability scanning results: https://t.co/oh1APvMMnd

    @VulmonFeeds

    21 Jan 2026

    70 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-14559 A flaw was found in the keycloak-services component of Keycloak. This vulnerability allows the issuance of access and refresh tokens for disabled users, leading to un… https://t.co/zn2NFHiuUe

    @CVEnew

    21 Jan 2026

    224 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Related CVEs

  1. The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. Prior to version 4.2, a business logic vulnerability allows authenticated students to improperly mark themselves as present in attendance activities, including activities that have already expired, by directly accessing a crafted URL. This issue has been patched in version 4.2.CVE-2026-24774
  2. A vulnerability was identified in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. The impacted element is an unknown function of the file /hungry/addtocart of the component Add-to-Cart Submission Endpoint. The manipulation of the argument price/allprice leads to business logic errors. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.CVE-2026-1600
  3. Microsoft Windows Information Disclosure VulnerabilityCVE-2026-20805
  4. Meta React Server Components Remote Code Execution VulnerabilityCVE-2025-55182
  5. A vulnerability was identified in linlinjava litemall up to 1.8.0. Affected by this vulnerability is an unknown functionality of the file /admin/config/express of the component Business Logic Handler. The manipulation of the argument litemall_express_freight_min leads to business logic errors. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.CVE-2025-8991

References

Sources include official advisories and independent security research.