
CVE-2026-41577

authentik

HIGH · CVSS 7.5 · vibe · oss

The flaw

The SAML source response processor does not validate the Conditions element on assertions, allowing replay and cross-service attacks.

What to do

Update to authentik version 2025.12.5 or 2026.2.3 or later.


First seen 2026-06-05 · Tracked by PickBits CyberHawk · Weekly CVE digest