A vulnerability was found in Keycloak on Red Hat and classified as problematic . This affects an unknown part of the component Group Members Endpoint . Such manipulation leads to insufficient granularity of access control. This vulnerability is documented as CVE-2026-9088 . The attack can be executed remotely. There is not any exploit available.