Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
GoauthentikAuthentik

2 matches found

CVE
CVEadded 2023/08/29 6:15 p.m.2487 views

CVE-2023-39522

goauthentik is an open-source Identity Provider. In affected versions using a recovery flow with an identification stage an attacker is able to determine if a username exists. Only setups configured with a recovery flow are impacted by this. Anyone with a user account on a system with the recovery ...

5.3CVSS5AI score0.00373EPSS
CVE
CVEadded 2025/06/27 3:15 p.m.11 views

CVE-2025-52553

authentik is an open-source identity provider. After authorizing access to a RAC endpoint, authentik creates a token which is used for a single connection and is sent to the client in the URL. This token is intended to only be valid for the session of the user who authorized the connection, however...

5.5CVSS6.4AI score0.00059EPSS