Home > Vulnerability Database > CVE-2025-11538

Mend.io Vulnerability Database

CVE-2025-11538

Good to know:

Date: November 13, 2025

A vulnerability exists in Keycloak's server distribution where enabling debug mode (--debug <port>) insecurely defaults to binding the Java Debug Wire Protocol (JDWP) port to all network interfaces (0.0.0.0). This exposes the debug port to the local network, allowing an attacker on the same network segment to attach a remote debugger and achieve remote code execution within the Keycloak Java virtual machine.

Severity Score

6.8

Related Resources (7)

Url: https://bugzilla.redhat.com/show_bug.cgi?id=2402622

Url: https://access.redhat.com/errata/RHSA-2025:21371

Url: https://access.redhat.com/errata/RHSA-2025:21370

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-11538

Url: https://access.redhat.com/security/cve/CVE-2025-11538

Url: https://github.com/keycloak/keycloak

Url: https://www.mend.io/vulnerability-database/CVE-2025-11538

Severity Score

6.8

Weakness Type (CWE)

Binding to an Unrestricted IP Address

CWE-1327

CVSS v3.1

Base Score:	6.8
Attack Vector (AV):	ADJACENT_NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2025-11538

Good to know:

Date: November 13, 2025

Severity Score

Related Resources (7)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?