High CVE-2026-47201 authentik is an open-source identity provider. Prior to versions 2025.12.5, 2026.2.3, and 2026.5.1, authentik's SAML Source ACS endpoint is vulnerable to XML Signature Wrapping when validating upstream SAML responses. An attacker with any account at the upstream IdP can reuse a...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

[High] CVE-2026-47201 – authentik is an open-source identity provider. Prior to versions 2025.12.5, 2026...

VERWANDTEARTIKEL

CVE-2026-42588

[Medium] CVE-2026-43924 – FOSSBilling is a free, open-source billing and client management system. Prior t...

[High] CVE-2026-44609 – Local privilege escalation due to EXE hijacking vulnerability. The following pro...

[High] CVE-2026-50033 – Local privilege escalation due to DLL hijacking vulnerability. The following pro...

[Unknown] CVE-2026-37700 – Cross Site Scripting vulnerability in MaxSite CMS v.109.2 allows a remote attack...

[Medium] CVE-2026-40495 – FOSSBilling is a free, open-source billing and client management system. Version...