PT-2025-46862 · Red Hat · Keycloak

Steven Hawkins · Published 2025-11-13 · Updated 2025-12-01 · CVE-2025-11538

CVSS v3.1: 6.8 (Medium)
Vector: AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions: Keycloak (affected versions not specified)

Description: A security issue exists in Keycloak where enabling debug mode with the --debug flag insecurely binds the Java Debug Wire Protocol (JDWP) port to all network interfaces (0.0.0.0). This exposes the debug port to the local network, potentially allowing a malicious actor on the same network segment to attach a remote debugger and execute code remotely within the Keycloak Java virtual machine. The vulnerable parameter is <port>.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
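The description turns on one detail: whether the JDWP listener's address binds every interface or only loopback. The following audit helper is an added example, not part of this advisory and not Keycloak's own code. It parses the -agentlib:jdwp (or legacy -Xrunjdwp) option string from a JVM command line and classifies the exposure of the debug listener, which is what an operator would check on a host before allowing debug mode on anything but a workstation. The command lines are constructed samples; the host names, ports and jar name are assumptions, not values from the advisory.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Constructed sample JVM command lines (not captured from a real Keycloak host).
SAMPLE_CMDLINES = [
    # Loopback-only listener: a debugger can attach only from the same host.
    "java -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=127.0.0.1:8787 -jar quarkus-run.jar",
    # Wildcard host: the listener is bound on every interface and reachable from the network segment.
    "java -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:8787 -jar quarkus-run.jar",
    # Bare port: loopback-only on JDK 9 and later, all interfaces on older JDKs.
    "java -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=8787 -jar quarkus-run.jar",
    # No debug agent at all.
    "java -jar quarkus-run.jar start",
]

# Matches both the modern and the legacy spelling of the JDWP agent option.
JDWP_RE = re.compile(r"-(?:agentlib:jdwp=|Xrunjdwp:)(\S+)")

LOOPBACK_HOSTS = {"localhost", "127.0.0.1", "::1"}
WILDCARD_HOSTS = {"*", "0.0.0.0", "::"}


@dataclass
class JdwpFinding:
    address: Optional[str]
    # One of: none, client, loopback, all-interfaces, specific-interface, jdk-dependent
    exposure: str


def parse_jdwp_options(cmdline: str) -> Optional[dict]:
    """Return the key=value JDWP options as a dict, or None if no JDWP agent is configured."""
    m = JDWP_RE.search(cmdline)
    if not m:
        return None
    opts = {}
    for kv in m.group(1).split(","):
        key, _, value = kv.partition("=")
        opts[key] = value
    return opts


def classify_jdwp(cmdline: str) -> JdwpFinding:
    """Classify how widely the JDWP listener on this command line is exposed."""
    opts = parse_jdwp_options(cmdline)
    if opts is None:
        return JdwpFinding(None, "none")
    # server=n means the JVM connects out to a debugger rather than listening.
    if opts.get("server", "n") != "y":
        return JdwpFinding(opts.get("address"), "client")
    addr = opts.get("address")
    if addr is None:
        # No address: the JVM picks a port; bind scope follows the JDK default (see below).
        return JdwpFinding(None, "jdk-dependent")
    host, sep, _port = addr.rpartition(":")
    if not sep:
        # Bare port number: localhost-only since JDK 9, all interfaces before that.
        return JdwpFinding(addr, "jdk-dependent")
    host = host.strip("[]")  # allow [::1]:8787 style IPv6 literals
    if host in WILDCARD_HOSTS:
        return JdwpFinding(addr, "all-interfaces")
    if host in LOOPBACK_HOSTS:
        return JdwpFinding(addr, "loopback")
    return JdwpFinding(addr, "specific-interface")


def audit(cmdlines):
    """Exposure label per command line, in input order."""
    return [classify_jdwp(c).exposure for c in cmdlines]


if __name__ == "__main__":
    for cmdline in SAMPLE_CMDLINES:
        finding = classify_jdwp(cmdline)
        print(f"{finding.exposure:18} address={finding.address}")
```

On a live host the same function can be fed the output of `ps -o args=` for each Java process. Anything reported as all-interfaces should be treated as the condition the advisory describes; jdk-dependent results need the JDK version to resolve, since the bare-port form only became loopback-only in JDK 9.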

RCE

Weakness Enumeration

Related Identifiers

CVE-2025-11538
GHSA-7M9G-PMXF-M9M8
GHSA-J4VQ-Q93M-4683

Affected Products

Keycloak