A flaw was found in Keycloak's client registration service. A remote attacker, possessing a previously issued Registration Access Token (RAT), could exploit this vulnerability to re-enable a client that an administrator had explicitly disabled. This bypasses security controls, allowing the attacker to reset the client's secret and potentially regain privileged API access. The primary impact includes unauthorized information disclosure and potential integrity compromise.
rhbk/keycloak Rocky
Fixed in: rhel9-operator@sha256:d14691fa2b04762df8e788c63104611b75714f671604347347afb7f27ec6e592_arm64 RHSA-2026:30084 Fixed in: rhel9-operator@sha256:2e00190cd88d026765df408d00a63cee8ceb3cd27ddb43e41b37c85936f4e926_amd64 RHSA-2026:30084 Fixed in: rhel9@sha256:4c7d38f4d628edcb59a1f066487f60c3874633d29c9aa0aaa5edd73ef0c5d9e3_arm64 RHSA-2026:30084 Fixed in: rhel9@sha256:183d2a02d613de6745e0741333c4d34d8544b74866efac9237c46f26114b8c66_ppc64le RHSA-2026:30050 Fixed in: rhel9-operator@sha256:8b4788a5f7e7687f3cc98a80407057a915d516aa79ff2e879780fa13e3be738f_ppc64le RHSA-2026:30050 Fixed in: rhel9@sha256:70634542b3ae6f9c0593bd6a63d2e9fa4667c27d1cbf78c07bee4b1ebc1b6706_amd64 RHSA-2026:30050 Fixed in: operator-bundle@sha256:dc6f5cde01bde313152b99cbead708160e43be14804f0ff768123fa9f54b4a4b_amd64 RHSA-2026:30050 Fixed in: rhel9-operator@sha256:502c9e94ad138d062ca6e81de89284f5bcc0d27595b193498cf35f7e1bff9a40_amd64 RHSA-2026:30050 Fixed in: rhel9@sha256:d94079e34e41affcb63b6094781e9e0bb0c1e15ae2f24c93ad7bf6353937ec9a_s390x RHSA-2026:30050 Fixed in: rhel9-operator@sha256:c56fdf74f5055b2ed0aa1a5706f1fe5428692aaa4d107d2081fb7c6ee7d5ace0_s390x RHSA-2026:30050 Fixed in: rhel9@sha256:05b207815e7e032115df73466875ac10436fb304bec7322e7a0a1a919901fdab_arm64 RHSA-2026:30050 Fixed in: rhel9-operator@sha256:bb723943f57bf3f1b02f8b67e3aff2043b30f867dbf90155a5596b954073f57e_arm64 RHSA-2026:30050 Fixed in: rhel9@sha256:df587be8cab83d8da4cbc7e9d4e6ffcaa5cd779027238d51ee462941a680142e_s390x RHSA-2026:30084 Fixed in: rhel9-operator@sha256:c88a14bcd41b509c2f10713403d6a3cde9a9d2e6f78311de43a9b3090f7fcb94_s390x RHSA-2026:30084 Fixed in: rhel9@sha256:20440d38f4f71719a27184eeb8eca059dd39fa6c975dfa57529af586bbe7db11_ppc64le RHSA-2026:30084 Fixed in: rhel9-operator@sha256:e0ff01fb6339ac11a495514a23a71a78bd947809fa0c9bc1a3bda7cdb59bc9ed_ppc64le RHSA-2026:30084 Fixed in: rhel9@sha256:ffedd9c68012f3ce5e6d3287775c589fcbe5ba6858afc6b2fd47663fce4b138b_amd64 RHSA-2026:30084 Fixed in: operator-bundle@sha256:8e800f8ab196c4bbbaf4397e438a2e02e7dc9fd588feb6a6a813f730ab65b0ec_amd64 RHSA-2026:30084 rhbk/keycloak Red Hat / RHEL
Fixed in: rhel9@sha256:183d2a02d613de6745e0741333c4d34d8544b74866efac9237c46f26114b8c66_ppc64le RHSA-2026:30050 Fixed in: rhel9-operator@sha256:8b4788a5f7e7687f3cc98a80407057a915d516aa79ff2e879780fa13e3be738f_ppc64le RHSA-2026:30050 Fixed in: rhel9@sha256:70634542b3ae6f9c0593bd6a63d2e9fa4667c27d1cbf78c07bee4b1ebc1b6706_amd64 RHSA-2026:30050 Fixed in: operator-bundle@sha256:dc6f5cde01bde313152b99cbead708160e43be14804f0ff768123fa9f54b4a4b_amd64 RHSA-2026:30050 Fixed in: rhel9-operator@sha256:502c9e94ad138d062ca6e81de89284f5bcc0d27595b193498cf35f7e1bff9a40_amd64 RHSA-2026:30050 Fixed in: rhel9@sha256:d94079e34e41affcb63b6094781e9e0bb0c1e15ae2f24c93ad7bf6353937ec9a_s390x RHSA-2026:30050 Fixed in: rhel9-operator@sha256:c56fdf74f5055b2ed0aa1a5706f1fe5428692aaa4d107d2081fb7c6ee7d5ace0_s390x RHSA-2026:30050 Fixed in: rhel9@sha256:05b207815e7e032115df73466875ac10436fb304bec7322e7a0a1a919901fdab_arm64 RHSA-2026:30050 Fixed in: rhel9-operator@sha256:bb723943f57bf3f1b02f8b67e3aff2043b30f867dbf90155a5596b954073f57e_arm64 RHSA-2026:30050 Fixed in: rhel9@sha256:df587be8cab83d8da4cbc7e9d4e6ffcaa5cd779027238d51ee462941a680142e_s390x RHSA-2026:30084 Fixed in: rhel9-operator@sha256:c88a14bcd41b509c2f10713403d6a3cde9a9d2e6f78311de43a9b3090f7fcb94_s390x RHSA-2026:30084 Fixed in: rhel9@sha256:20440d38f4f71719a27184eeb8eca059dd39fa6c975dfa57529af586bbe7db11_ppc64le RHSA-2026:30084 Fixed in: rhel9-operator@sha256:e0ff01fb6339ac11a495514a23a71a78bd947809fa0c9bc1a3bda7cdb59bc9ed_ppc64le RHSA-2026:30084 Fixed in: rhel9@sha256:ffedd9c68012f3ce5e6d3287775c589fcbe5ba6858afc6b2fd47663fce4b138b_amd64 RHSA-2026:30084 Fixed in: operator-bundle@sha256:8e800f8ab196c4bbbaf4397e438a2e02e7dc9fd588feb6a6a813f730ab65b0ec_amd64 RHSA-2026:30084 Fixed in: rhel9-operator@sha256:2e00190cd88d026765df408d00a63cee8ceb3cd27ddb43e41b37c85936f4e926_amd64 RHSA-2026:30084 Fixed in: rhel9@sha256:4c7d38f4d628edcb59a1f066487f60c3874633d29c9aa0aaa5edd73ef0c5d9e3_arm64 RHSA-2026:30084 Fixed in: rhel9-operator@sha256:d14691fa2b04762df8e788c63104611b75714f671604347347afb7f27ec6e592_arm64 RHSA-2026:30084 Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.
Exploitability
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Impact
Confidentiality Low
Integrity Low
Availability None
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
0.28% probability of exploitation in 30 days
20th percentile
Low risk: more likely to be exploited than 20% of all known CVEs.
Embed a live status badge for CVE-2026-9705 Markdown
[](https://tridentstack.com/cve/CVE-2026-9705)HTML
<a href="https://tridentstack.com/cve/CVE-2026-9705"><img src="https://tridentstack.com/cve/badge/CVE-2026-9705.svg" alt="CVE-2026-9705"></a>Find and fix vulnerabilities across your fleet TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.
Start free This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2026-07-01.