2 matches found
CVE-2025-53942
Summary of CVE-2025-53942 (authentik): Affected: authentik identity provider. Issue: deactivated users who registered via OAuth/SAML (or linked accounts) could remain partially active, enabling authorization of applications despite deactivation. Root cause: insufficient check for account active s...
PT-2025-30439
Name of the Vulnerable Software and Affected Versions authentik versions prior to 2025.4.4 authentik versions 2025.6.0-rc1 through 2025.6.3 Description Deactivated users who registered through OAuth/SAML or linked their accounts to OAuth/SAML providers can retain partial access to the system...