A flaw was found in Keycloak. When the configuration uses JWT tokens for authentication, the tokens are cached until expiration. If a client uses JWT tokens with an excessively long expiration time, for example, 24 or 48 hours, the cache can grow indefinitely, leading to an OutOfMemoryError. This issue could result in a denial of service condition, preventing legitimate users from accessing theā¦Read More
CVE-2025-2559 Org.keycloak/keycloak-services: jwt token cache exhaustion leading to denial of service (dos) in keycloak
