2 matches found
GO-2025-3822 Authentik has insufficient check for account active status when authenticating with OAuth/SAML Sources in goauthentik.io
Authentik has insufficient check for account active status when authenticating with OAuth/SAML Sources in goauthentik.io. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive...
CVE-2025-53942 authentik has an insufficient check for account active status during OAuth/SAML authentication
authentik is an open-source Identity Provider that emphasizes flexibility and versatility, with support for a wide set of protocols. In versions 2025.4.4 and earlier, as well as versions 2025.6.0-rc1 through 2025.6.3, deactivated users who registered through OAuth/SAML or linked their accounts to...