3 matches found
CVE-2026-14781
A flaw in Keycloak’s OIDC broker (org.keycloak.broker.oidc) causes incorrect synchronization of the email_verified claim. When trustEmail=true and the userinfo endpoint is enabled, Keycloak uses email from userinfo but takes email_verified from the id_token without validating that it corresponds ...
CVE-2026-14781
A flaw exists in the org.keycloak.broker.oidc package where the OIDC broker incorrectly synchronizes the emailverified claim. When an OIDC identity provider is configured with trustEmail=true and the userinfo endpoint is enabled, Keycloak retrieves the email address from the userinfo response but...
CVE-2013-2808
Philips Xper vulnerability CVE-2013-2808 is a heap-based buffer overflow in Xper Information Management Physiomonitoring 5 components, Xper Information Management Vascular Monitoring 5 components, and Flex Cardio XperConnect broker environments. The issue allows remote execution of code via a cra...