CVE-2026-41569 | goauthentik up to 2026.2.2 URL parser wreply redirect (GHSA-995q-72cw-cfw3)

A vulnerability classified as problematic was found in goauthentik authentik up to 2026.2.2. Impacted is an unknown function of the component URL parser. Executing a manipulation of the argument wreply can lead to open redirect.

This vulnerability is tracked as CVE-2026-41569. The attack can be launched remotely. No exploit exists.

Upgrading the affected component is advised.VulDB Recent EntriesRead More