Skip to content

Identity & Access Management · head-to-head

ForgeRock vs WSO2

On-prem IAM/IGA/PAM/MFA: directories, federation, privileged access, SSO. Counts are scoped to this segment and the selected published-date window. WSO2 carries 6.8× the disclosed CVE volume of ForgeRock. Volume reflects disclosure practice and install base as much as code quality — read it with the severity mix. Sourced from the NIST NVD; lower counts indicate a smaller disclosed vulnerability surface — not necessarily lower risk.

01

Disclosure record

Bars are normalized per row to the larger value; the leading count is emphasized.

Metric comparison: ForgeRock versus WSO2. Each row gives the metric, ForgeRock’s count on the left and WSO2’s count on the right.
ForgeRockMetricWSO2
15Total CVEs102
5Critical12
4High15
5Medium72
1Low3
7Open in latest69
02

Risk profile

Each severity band as a share of the vendor's own total — strips out raw volume so the profiles compare directly.

ForgeRock

33.3% critical
Critical
533.3%
High
426.7%
Medium
533.3%
Low
16.7%

WSO2

11.8% critical
Critical
1211.8%
High
1514.7%
Medium
7270.6%
Low
32.9%
03

Recent activity

Latest in-window disclosures per vendor, newest first. Each ID links to its NVD record.

ForgeRock

Recent CVEs affecting ForgeRock
CVESeverityCVSSPublished
CVE-2024-25566(opens NVD record)Medium
6.1
Oct 29, 2024
CVE-2023-0582(opens NVD record)High
8.1
Mar 27, 2024
CVE-2022-3748(opens NVD record)Critical
9.8
Apr 14, 2023
CVE-2022-24670(opens NVD record)High
7.1
Oct 27, 2022
CVE-2022-24669(opens NVD record)Medium
6.5
Oct 27, 2022
CVE-2021-4201(opens NVD record)Critical
9.6
Feb 14, 2022

WSO2

Recent CVEs affecting WSO2
CVESeverityCVSSPublished
CVE-2026-2053(opens NVD record)High
8.3
Jun 26, 2026
CVE-2025-9973(opens NVD record)Medium
6.4
May 11, 2026
CVE-2025-10470(opens NVD record)High
8.6
May 11, 2026
CVE-2025-8325(opens NVD record)Medium
6.3
May 11, 2026
CVE-2025-8154(opens NVD record)Medium
5.3
May 11, 2026
CVE-2025-10908(opens NVD record)High
7.3
May 11, 2026

Track new CVEs for these vendors

Get an email the moment a new vulnerability is disclosed for the products you rely on.

Get alerts