CVE-2025-10043

Name of the Vulnerable Software and Affected Versions Keycloak (affected versions not specified)

Description A path traversal flaw exists in Keycloak’s vault key handling on Windows. A previous fix for a related issue did not account for the Windows file separator (), allowing a high-privilege administrator to probe for files outside the expected realm context through crafted vault secret lookups. This is a platform-specific variant of a previously identified issue.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.