Lucene search
K

380 matches found

Cvelist
Cvelist
added 2026/05/22 7:0 p.m.13 views

CVE-2026-40172 authentik: Privilege Escalation via User PATCH: Superuser Group Assignment Bypasses enable_group_superuser

authentik is an open-source identity provider. In versions prior to 2025.12.5 and 2026.2.0-rc1 through 2026.2.2, the PATCH /api/v3/core/users/pk/ API allows a caller with changeuser on a target user to assign arbitrary groups through UserSerializer, including groups with issuperuser=True, without...

8.1CVSS0.00392EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/22 7:0 p.m.9 views

CVE-2026-40172 authentik: Privilege Escalation via User PATCH: Superuser Group Assignment Bypasses enable_group_superuser

authentik is an open-source identity provider. In versions prior to 2025.12.5 and 2026.2.0-rc1 through 2026.2.2, the PATCH /api/v3/core/users/pk/ API allows a caller with changeuser on a target user to assign arbitrary groups through UserSerializer, including groups with issuperuser=True, without...

8.1CVSS5.9AI score0.00392EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/22 7:0 p.m.11 views

EUVD-2026-31489

authentik is an open-source identity provider. In versions prior to 2025.12.5 and 2026.2.0-rc1 through 2026.2.2, the PATCH /api/v3/core/users/pk/ API allows a caller with changeuser on a target user to assign arbitrary groups through UserSerializer, including groups with issuperuser=True, without...

8.1CVSS5.9AI score0.00392EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/22 6:52 p.m.9 views

EUVD-2026-31490

authentik is an open-source identity provider. In versions prior to 2025.12.5 and 2026.2.0-rc1 through 2026.2.2, authenticated non-admin users with at least one OAuth2 access token can retrieve the clientsecret of confidential OAuth2 providers they have previously authenticated against, exposing...

7.1CVSS5.7AI score0.00337EPSS
Exploits0References3
CVE
CVE
added 2026/05/22 6:52 p.m.46 views

CVE-2026-40166

authentik contains an elevation of privilege in its OAuth2 access_tokens API (GET /api/v3/oauth2/access_tokens/) where authenticated non-admin users with at least one OAuth2 access token can retrieve the client_secret of confidential providers they previously authenticated against. This exposed i...

7.1CVSS5.7AI score0.00337EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.11 views

authentik 安全漏洞

Authentik is an open-source identity provisioning application developed by Authentik. Versions of Authentik prior to 2025.12.5, as well as versions from 2026.2.0-rc1 to 2026.2.2, contained security vulnerabilities. These vulnerabilities stemmed from the PATCH /api/v3/core/users/pk/ API, which...

8.1CVSS5.9AI score0.00392EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.10 views

authentik 安全漏洞

Authentik is an open-source identity provisioning application developed by Authentik. Versions of Authentik prior to 2025.12.5, as well as versions from 2026.2.0-rc1 to 2026.2.2, contained security vulnerabilities. These vulnerabilities stemmed from the fact that the API response for GET...

7.1CVSS5.8AI score0.00337EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.10 views

PT-2026-42826

Name of the Vulnerable Software and Affected Versions authentik versions prior to 2025.12.5 authentik versions 2026.2.0-rc1 through 2026.2.2 Description Authenticated non-admin users possessing at least one OAuth2 access token can retrieve the client secret of confidential OAuth2 providers they...

7.1CVSS5.8AI score0.00337EPSS
Exploits0References8
NVD
NVD
added 2026/05/21 12:16 a.m.16 views

CVE-2026-40165

authentik is an open-source identity provider. Versions 2025.12.4 and prior, and versions 2026.2.0-rc1 through 2026.2.2 were vulnerable to Authentication Bypass through SAML NameID XML Comment Injection. Due to how authentik extracted the NameID value from a SAML assertion, it was possible for an...

8.7CVSS0.00393EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.9 views

authentik 安全漏洞

Authentik is an open-source identity provisioning application developed by Authentik. Versions of Authentik prior to 2025.12.4, as well as versions from 2026.2.0-rc1 to 2026.2.2, contain security vulnerabilities. These vulnerabilities stem from XML injection in SAML NameID fields, which could all...

8.7CVSS5.8AI score0.00393EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/20 11:35 p.m.44 views

CVE-2026-40165 authentik: SAML NameID XML Comment Injection Enables Authentication Bypass via Identifier Truncation

authentik is an open-source identity provider. Versions 2025.12.4 and prior, and versions 2026.2.0-rc1 through 2026.2.2 were vulnerable to Authentication Bypass through SAML NameID XML Comment Injection. Due to how authentik extracted the NameID value from a SAML assertion, it was possible for an...

8.7CVSS0.00393EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/20 11:35 p.m.14 views

EUVD-2026-31203

authentik is an open-source identity provider. Versions 2025.12.4 and prior, and versions 2026.2.0-rc1 through 2026.2.2 were vulnerable to Authentication Bypass through SAML NameID XML Comment Injection. Due to how authentik extracted the NameID value from a SAML assertion, it was possible for an...

8.7CVSS5.7AI score0.00393EPSS
Exploits0References3
CVE
CVE
added 2026/05/20 11:35 p.m.35 views

CVE-2026-40165

The CVE affects the open‑source IdP project authentik. Versions 2025.12.4 and earlier, and 2026.2.0-rc1 through 2026.2.2 are affected by Authentication Bypass via SAML NameID XML Comment Injection. Due to how NameID is extracted from a SAML assertion, an attacker who has an account on the SAML So...

8.7CVSS5.7AI score0.00393EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/20 11:35 p.m.10 views

CVE-2026-40165

authentik is an open-source identity provider. Versions 2025.12.4 and prior, and versions 2026.2.0-rc1 through 2026.2.2 were vulnerable to Authentication Bypass through SAML NameID XML Comment Injection. Due to how authentik extracted the NameID value from a SAML assertion, it was possible for an...

8.7CVSS5.7AI score0.00393EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/20 11:35 p.m.11 views

CVE-2026-40165 authentik: SAML NameID XML Comment Injection Enables Authentication Bypass via Identifier Truncation

authentik is an open-source identity provider. Versions 2025.12.4 and prior, and versions 2026.2.0-rc1 through 2026.2.2 were vulnerable to Authentication Bypass through SAML NameID XML Comment Injection. Due to how authentik extracted the NameID value from a SAML assertion, it was possible for an...

8.7CVSS5.7AI score0.00393EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.10 views

PT-2026-42273

Name of the Vulnerable Software and Affected Versions authentik versions prior to 2025.12.5 authentik versions 2026.2.0-rc1 through 2026.2.2 Description An authentication bypass exists due to SAML NameID XML Comment Injection. The software incorrectly extracts the NameID value from a SAML...

8.7CVSS5.8AI score0.00393EPSS
Exploits0References10
Chainguard
Chainguard
added 2026/05/13 7:17 p.m.10 views

GHSA-W26R-RMM8-9C29 vulnerabilities

Vulnerabilities for packages: authentik, authentik-fips, py3-django...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/05/13 7:17 p.m.18 views

CVE-2026-6907 vulnerabilities

Vulnerabilities for packages: authentik, authentik-fips, py3-django...

5.3CVSS7AI score0.00358EPSS
Exploits0
Chainguard
Chainguard
added 2026/05/13 7:17 p.m.8 views

GHSA-7H2M-M8VJ-598H vulnerabilities

Vulnerabilities for packages: authentik, authentik-fips, py3-django...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/05/13 7:17 p.m.11 views

CVE-2026-35192 vulnerabilities

Vulnerabilities for packages: authentik, authentik-fips, py3-django...

6.5CVSS7AI score0.00544EPSS
Exploits0
Rows per page
Query Builder