CVE-2025-13467 — Vulnetix

CVE-2025-13467 PUBLISHED CVSS 5.5 MEDIUM

A flaw was found in the Keycloak LDAP User Federation provider. This vulnerability allows an authenticated realm administrator to trigger deserialization of untrusted Java objects via a malicious LDAP server configuration.

EPSS 0.06% · 19.7th percentile

Risk Scores

CVSS v3.1

5.5

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N

EPSS Score

0.06%

19.7th percentile

Affected Products

Vendor	Product	Versions
Red Hat	Red Hat build of Keycloak 26.2	26.2-12
Red Hat	Red Hat build of Keycloak 26.4	26.4-5
Red Hat	Red Hat build of Keycloak 26.4.6
Maven	org.keycloak:keycloak-ldap-federation	26.3.0, 0
Keycloak	Keycloak	0
Red Hat	Red Hat build of Keycloak 26.2	26.2-12
Red Hat	Red Hat build of Keycloak 26.2.11
Red Hat	Red Hat build of Keycloak 26.2	26.2.11-1
Red Hat	Red Hat build of Keycloak 26.4	26.4-6
Red Hat	Red Hat build of Keycloak 26.4	26.4.6-1

Timeline

Nov 25, 2025 Coalition ESS Score
Nov 25, 2025 Coalition ESS Score
Nov 25, 2025 CVE Published
Nov 25, 2025 PoC Published
Nov 26, 2025 EPSS Score
Nov 26, 2025 Coalition ESS Score
Nov 29, 2025 Coalition ESS Score
Dec 1, 2025 EPSS Score
Dec 2, 2025 Coalition ESS Score
Dec 5, 2025 EPSS Score
Dec 10, 2025 EPSS Score
Dec 13, 2025 Coalition ESS Score

References

RHSA-2025:22088 vendor-advisory
RHSA-2025:22089 vendor-advisory
RHSA-2025:22090 vendor-advisory
RHSA-2025:22091 vendor-advisory
https://access.redhat.com/security/cve/CVE-2025-13467 vdb
RHBZ#2416038 issue
https://github.com/keycloak/keycloak/commit/754c070cf8ca187dcc71f0f72ff3130ff2195328 url
https://github.com/keycloak/keycloak/issues/44478 url
https://github.com/keycloak/keycloak/security/advisories/GHSA-4hx9-48xh-5mxr url
https://nvd.nist.gov/vuln/detail/CVE-2025-13467 advisory
https://github.com/keycloak/keycloak/commit/b90fec41ff17a70858d830750156a8a2e13ddb82 url
https://github.com/keycloak/keycloak package
https://github.com/keycloak/keycloak/releases/tag/26.4.6 url

Open in Interactive Console →