BIT-AUTHENTIK-2026-41577 authentik: SAML source does not validate Conditions, timing, or audience on assertions

authentik is an open-source identity provider. Prior to versions 2025.12.5 and 2026.2.3, the SAML source response processor ResponseProcessor.parse does not validate the Conditions element on assertions. NotBefore, NotOnOrAfter, and AudienceRestriction are all ignored. This allows replay of expir...

CVE-2026-41577 authentik: SAML source does not validate Conditions, timing, or audience on assertions

authentik is an open-source identity provider. Prior to versions 2025.12.5 and 2026.2.3, the SAML source response processor ResponseProcessor.parse does not validate the Conditions element on assertions. NotBefore, NotOnOrAfter, and AudienceRestriction are all ignored. This allows replay of expir...

多款Qualcomm产品资源管理错误漏洞

Qualcomm MDM9607 and others are products of Qualcomm Incorporated Qualcomm.MDM9607 is a central processing unit CPU product.MDM9640 is a central processing unit CPU product.MDM9650 is a central processing unit CPU product. A resource management error vulnerability exists in qualcomm products that...

Qualcomm Wlan 缓冲区错误漏洞

Qualcomm Wlan Firmware is a Wlan support firmware from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Wlan that stems from an incorrect validation of the TBTT count and length, where an out-of-bounds read of the buffer may occur. Affected products and versions...