Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Tag: goauthentik Clear
ID Title
CVE-2026-49443 Authentication Bypass in authentik (CVE-2026-49443)
authentication bypass in authentik (CVE-2026-49443). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2025.12.6, 2026.2.4, 2026.5.1` or later.
CVE-2026-49448 Authentication Bypass in authentik (CVE-2026-49448)
authentication bypass in authentik (CVE-2026-49448). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2025.12.6, 2026.2.4, 2026.5.1` or later.
CVE-2026-41569 Open Redirect in authentik (CVE-2026-41569)
vulnerability in authentik (CVE-2026-41569). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2026.2.3` or later.
CVE-2026-42849 Cross-Site Scripting (XSS) in authentik (CVE-2026-42849)
cross-site scripting in authentik (CVE-2026-42849). Confidential information can be exposed externally. Mitigation: upgrade to `2025.12.5, 2026.2.3` or later.
CVE-2026-47201 Vulnerability in goauthentik.io (CVE-2026-47201)
vulnerability in goauthentik.io (CVE-2026-47201). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.0.0-20260528144335-a370d76d23c7` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →