


Perceptive Security
SOC/SIEM Consultancy

authentik is an open-source identity provider. Prior to versions 2025.12.5, 2026.2.3, and 2026.5.1, authentik's SAML Source ACS endpoint is vulnerable to XML Si…
Published:
1 June 2026 at 22:00:00
Alert date:
2 June 2026 at 22:02:38
Source:
nvd.nist.gov
Identity & Access, Web Technologies
A critical vulnerability in authentik's open-source identity provider allows XML Signature Wrapping attacks on SAML Source ACS endpoints. Attackers with upstream IdP accounts can reuse valid signed assertions to authenticate as different federated users. The vulnerability affects versions prior to 2025.12.5, 2026.2.3, and 2026.5.1. Patches are available in the specified fixed versions. This represents a significant authentication bypass risk in federated identity environments.
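The defensive principle behind XML Signature Wrapping checks, shown here as an added example that is neither part of this alert nor authentik's own code: the assertion an ACS acts on must be the very element (or sit inside the element) that the XML signature covers. The sample SAML documents, IDs, NameIDs and the placeholder SignatureValue are constructed for the example; cryptographic verification of the signature itself is assumed to be done separately by a signature library, so the code below only resolves which element each signature claims to cover and compares it with the assertion a naive consumer would pick.

```python
import xml.etree.ElementTree as ET

# Namespaces used by SAML 2.0 responses and XML Digital Signature.
NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}


def consumed_assertion(root):
    """The assertion a lax ACS would act on: the first saml:Assertion found by a
    depth-first search of the whole document, regardless of what is signed."""
    return root.find(".//saml:Assertion", NS)


def consumed_name_id(xml_text):
    """The identity a lax consumer would log in; used here to show the risk."""
    a = consumed_assertion(ET.fromstring(xml_text))
    return a.findtext("saml:Subject/saml:NameID", namespaces=NS) if a is not None else None


def signed_elements(root):
    """Resolve every ds:Reference URI="#id" to the element carrying that ID.
    Duplicate IDs make resolution ambiguous, so the document is rejected."""
    ids = [el.get("ID") for el in root.iter() if el.get("ID") is not None]
    if len(ids) != len(set(ids)):
        raise ValueError("duplicate ID attributes; refusing to resolve references")
    by_id = {el.get("ID"): el for el in root.iter() if el.get("ID") is not None}
    covered = []
    for ref in root.iter("{%s}Reference" % NS["ds"]):
        uri = ref.get("URI", "")
        if uri.startswith("#") and uri[1:] in by_id:
            covered.append(by_id[uri[1:]])
    return covered


def assertion_is_signed(xml_text):
    """True only if the assertion the consumer would use is itself a signed
    element or is nested inside one (for example a signed samlp:Response).
    A hardened ACS should go one step further and consume only the element the
    signature library actually verified, rather than searching the document."""
    root = ET.fromstring(xml_text)
    assertion = consumed_assertion(root)
    if assertion is None:
        return False
    try:
        covered = signed_elements(root)
    except ValueError:
        return False
    # ElementTree has no parent pointers, so build a child -> parent map.
    parent = {child: p for p in root.iter() for child in p}
    node = assertion
    while node is not None:
        if any(node is el for el in covered):
            return True
        node = parent.get(node)
    return False


# --- constructed sample documents (not real IdP output) ---------------------
SAML_NS = 'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"'
SIGNED_ASSERTION = (
    '<saml:Assertion %s xmlns:ds="http://www.w3.org/2000/09/xmldsig#" ID="_a1" Version="2.0">'
    '<saml:Issuer>https://idp.example.test</saml:Issuer>'
    '<ds:Signature><ds:SignedInfo><ds:Reference URI="#_a1"/></ds:SignedInfo>'
    '<ds:SignatureValue>PLACEHOLDER</ds:SignatureValue></ds:Signature>'
    '<saml:Subject><saml:NameID>alice@example.test</saml:NameID></saml:Subject>'
    '</saml:Assertion>' % SAML_NS
)
UNSIGNED_ASSERTION = (
    '<saml:Assertion %s ID="_a2" Version="2.0">'
    '<saml:Subject><saml:NameID>bob@example.test</saml:NameID></saml:Subject>'
    '</saml:Assertion>' % SAML_NS
)


def response(*children):
    """Wrap assertion fragments in a minimal samlp:Response."""
    return ('<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
            'ID="_r1" Version="2.0">' + "".join(children) + "</samlp:Response>")


GOOD = response(SIGNED_ASSERTION)                        # signed assertion is the one consumed
MISMATCH = response(UNSIGNED_ASSERTION, SIGNED_ASSERTION)  # consumer would pick an unsigned one
DUPLICATE_ID = response(UNSIGNED_ASSERTION.replace('"_a2"', '"_a1"'), SIGNED_ASSERTION)

if __name__ == "__main__":
    for name, doc in (("GOOD", GOOD), ("MISMATCH", MISMATCH), ("DUPLICATE_ID", DUPLICATE_ID)):
        print(name, "consumer would use:", consumed_name_id(doc),
              "signed:", assertion_is_signed(doc))
```

The MISMATCH document is accepted by a consumer that verifies "a" signature and then searches for "an" assertion, because the signature over `_a1` is valid while the identity acted on comes from `_a2`; binding the consumed element to the signed one is the check that closes that gap, and rejecting duplicate IDs prevents the reference lookup itself from being steered.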
Technical details
Mitigation steps:
Affected products:
authentik
Related links:
https://nvd.nist.gov/vuln/detail/CVE-2026-47201
https://github.com/goauthentik/authentik/security/advisories/GHSA-c3m2-jqmq-pvp3
Related CVEs:
Related threat actors:
IOCs:
This article was created with the assistance of AI technology by Perceptive.
