380 matches found
PT-2026-45858
Name of the Vulnerable Software and Affected Versions authentik versions prior to 2025.12.6 authentik versions prior to 2026.2.4 authentik versions prior to 2026.5.1 Description An attacker who has the ability to modify a source connection and possesses an account in one of the configured sources...
PT-2026-45859
Name of the Vulnerable Software and Affected Versions authentik versions prior to 2025.12.6 authentik versions prior to 2026.2.4 authentik versions prior to 2026.5.1 Description authentik is an open-source identity provider. The Source stage can be bypassed by sending an empty POST request...
PT-2026-45854
Name of the Vulnerable Software and Affected Versions authentik versions prior to 2026.2.3 Description The WS-Federation provider in this open-source identity provider validates the user-supplied wreply parameter using a raw string prefix check instead of proper URL parsing. An attacker can craft...
authentik 授权问题漏洞
Authentik is an open-source identity provisioning application. Versions of Authentik before 2025.12.6, 2026.2.4, and 2026.5.1 have vulnerabilities related to authorization. These vulnerabilities stem from the possibility of sending empty POST requests, which may bypass the authentication phase...
authentik 授权问题漏洞
Authentik is an open-source identity provisioning application. Versions of Authentik prior to 2025.12.6, 2026.2.4, and 2026.5.1 contained vulnerabilities related to authorization. These vulnerabilities stemmed from the possibility for attackers who could modify source connections to exploit...
authentik 输入验证错误漏洞
Authentik is an open-source identity provisioning application developed by Authentik. Versions prior to 2025.12.5, 2026.2.3, and 2026.5.1 contained a vulnerability related to input validation errors. This vulnerability stemmed from an XML signature packaging flaw in the SAML Source ACS endpoint’s...
authentik 跨站脚本漏洞
Authentik is an open-source identity provisioning application. Versions of Authentik before 2025.12.5 and 2026.2.3 had a cross-site scripting vulnerability. This vulnerability stemmed from issues in the SFE implementation phase, which could lead to the exploitation of XSS vulnerabilities during t...
authentik 输入验证错误漏洞
Authentik is an open-source identity provisioning application. Versions of Authentik prior to 2026.2.3 had a vulnerability related to input validation errors. This vulnerability stemmed from the WS-Federation provider’s use of raw string prefixes for validation instead of proper URL parsing, whic...
authentik 数据伪造问题漏洞
Authentik is an open-source identity provisioning application developed by Authentik. Versions of Authentik before 2025.12.5 and 2026.2.3 had a data manipulation vulnerability. This vulnerability stemmed from the SAML response processor not verifying the Conditions element in assertions, which...
BIT-AUTHENTIK-2026-40172 authentik: Privilege Escalation via User PATCH: Superuser Group Assignment Bypasses enable_group_superuser
authentik is an open-source identity provider. In versions prior to 2025.12.5 and 2026.2.0 through 2026.2.2, the PATCH /api/v3/core/users/pk/ API allows a caller with changeuser on a target user to assign arbitrary groups through UserSerializer, including groups with issuperuser=True, without...
BIT-AUTHENTIK-2026-40166 authentik: Non-admin user can retrieve confidential OAuth client_secret via /api/v3/oauth2/access_tokens/
authentik is an open-source identity provider. In versions prior to 2025.12.5 and 2026.2.0 through 2026.2.2, authenticated non-admin users with at least one OAuth2 access token can retrieve the clientsecret of confidential OAuth2 providers they have previously authenticated against, exposing...
GHSA-C3M2-JQMQ-PVP3 authentik's XML Signature Wrapping in SAML Source ACS allows authentication as arbitrary federated user
Summary authentik's SAML Source ACS endpoint is vulnerable to XML Signature Wrapping when validating upstream SAML responses. An attacker with any account at the upstream IdP can reuse a valid signed assertion to authenticate as another federated user. Patches authentik 2026.5.1, 2026.2.4 and...
CVE-2026-44649
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, SillyTavern accepts Remote-User Authelia and X-Authentik-Username Authentik HTTP headers to...
CVE-2026-44649 SillyTavern: Authentication Bypass via SSO Header Injection
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, SillyTavern accepts Remote-User Authelia and X-Authentik-Username Authentik HTTP headers to...
EUVD-2026-33401
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, SillyTavern accepts Remote-User Authelia and X-Authentik-Username Authentik HTTP headers to...
CVE-2026-44649
SillyTavern) vulnerability (CVE-2026-44649) affects SillyTavern before version 1.18.0 where header-based SSO authentication can be bypassed. The root cause is lack of validation that Remote-User (Authelia) and X-Authentik-Username (Authentik) headers originate from a trusted reverse proxy. The lo...
CVE-2026-44649
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, SillyTavern accepts Remote-User Authelia and X-Authentik-Username Authentik HTTP headers to...
PT-2026-45029
Name of the Vulnerable Software and Affected Versions authentik versions prior to 2025.12.5 authentik versions prior to 2026.2.3 authentik versions prior to 2026.5.1 Description The SAML Source ACS endpoint is susceptible to XML Signature Wrapping, a technique where a valid signature is used to...
SillyTavern 安全漏洞
SillyTavern is a frontend interface for the SillyTavern open-source language model. Versions of SillyTavern prior to 1.18.0 contained security vulnerabilities. These vulnerabilities stemmed from automatic login using the Remote-User and X-Authentik-Username HTTP headers, without verifying whether...
BIT-AUTHENTIK-2026-40165 authentik: SAML NameID XML Comment Injection Enables Authentication Bypass via Identifier Truncation
authentik is an open-source identity provider. Versions 2025.12.4 and prior, and versions 2026.2.0 through 2026.2.2 were vulnerable to Authentication Bypass through SAML NameID XML Comment Injection. Due to how authentik extracted the NameID value from a SAML assertion, it was possible for an...