来源: https://github.com/keycloak/keycloak/releases/tag/26.3.5
keycloak/keycloak 26.3.5 Release Notes
Published at: 2025-09-25T06:23:28Z
Upgrading
Before upgrading refer to the migration guide for a complete list of changes.
All resolved issues
Enhancements
- #41371 Upgrade to Quarkus 3.20.3 LTS
dist/quarkus - #41373 Remove explicit MariaDB connector dependency
dist/quarkus
Bugs
- #41418 Access to user details for restricted admin fails after enabling organizationin realm
organizations - #42405 Old hmac-generated (32bit) is recreated when order is changed in realm keys ui
core - #42491 CVE-2025-58057 - Netty BrotliDecoder / Data Amplification vulnerability
dist/quarkus - #42492 CVE-2025-58056 - Netty HTTP Request Smuggling vulnerability
dist/quarkus - #42736 Reset password in admin UI with 'not recently used' password policy leads to error 'Device already exists with the same name'
core - #42769 Missing switch "ID Token as detached signature" in the admin console client settings
oidc - #42922 Dynamic Client Registration invalidates the realm cache
core