Identity & Access Management · head-to-head
Red Hat Keycloak vs WSO2
On-prem IAM/IGA/PAM/MFA: directories, federation, privileged access, SSO. Counts are scoped to this segment and the selected published-date window. Red Hat Keycloak carries 1.6× the disclosed CVE volume of WSO2. Volume reflects disclosure practice and install base as much as code quality — read it with the severity mix. Sourced from the NIST NVD; lower counts indicate a smaller disclosed vulnerability surface — not necessarily lower risk.
Disclosure record
Bars are normalized per row to the larger value; the leading count is emphasized.
| Red Hat Keycloak | Metric | WSO2 | ||
|---|---|---|---|---|
| 168 | Total CVEs | 102 | ||
| 10 | Critical | 12 | ||
| 65 | High | 15 | ||
| 81 | Medium | 72 | ||
| 12 | Low | 3 | ||
| 127 | Open in latest | 69 |
Risk profile
Each severity band as a share of the vendor's own total — strips out raw volume so the profiles compare directly.
Red Hat Keycloak
6.0% critical- Critical
- 106.0%
- High
- 6538.7%
- Medium
- 8148.2%
- Low
- 127.1%
WSO2
11.8% critical- Critical
- 1211.8%
- High
- 1514.7%
- Medium
- 7270.6%
- Low
- 32.9%
Recent activity
Latest in-window disclosures per vendor, newest first. Each ID links to its NVD record.
Red Hat Keycloak
| CVE | Severity | CVSS | Published |
|---|---|---|---|
| CVE-2026-28369(opens NVD record) | High | 8.7 | Mar 27, 2026 |
| CVE-2026-28368(opens NVD record) | High | 8.7 | Mar 27, 2026 |
| CVE-2026-28367(opens NVD record) | High | 8.7 | Mar 27, 2026 |
| CVE-2026-3121(opens NVD record) | Medium | 6.5 | Mar 26, 2026 |
| CVE-2026-4874(opens NVD record) | Low | 3.1 | Mar 26, 2026 |
| CVE-2026-3260(opens NVD record) | Medium | 5.9 | Mar 24, 2026 |
WSO2
| CVE | Severity | CVSS | Published |
|---|---|---|---|
| CVE-2026-2053(opens NVD record) | High | 8.3 | Jun 26, 2026 |
| CVE-2025-9973(opens NVD record) | Medium | 6.4 | May 11, 2026 |
| CVE-2025-10470(opens NVD record) | High | 8.6 | May 11, 2026 |
| CVE-2025-8325(opens NVD record) | Medium | 6.3 | May 11, 2026 |
| CVE-2025-8154(opens NVD record) | Medium | 5.3 | May 11, 2026 |
| CVE-2025-10908(opens NVD record) | High | 7.3 | May 11, 2026 |
Track new CVEs for these vendors
Get an email the moment a new vulnerability is disclosed for the products you rely on.