CVE-2025-11537

Name of the Vulnerable Software and Affected Versions Keycloak (affected versions not specified)

Description A flaw exists in Keycloak where sensitive headers, including Authorization and Cookie, are disclosed in cleartext within log files when a verbose, user-supplied logging format—such as the 'long' pattern—is configured. An attacker with read access to these log files can extract credentials like bearer tokens and session cookies, potentially leading to user impersonation and full account compromise. The vulnerable component is the logging mechanism, which improperly handles user-defined logging patterns. The Authorization and Cookie headers are specifically exposed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.