CVE-2026-41577 | goauthentik up to 2025.12.4/2026.2.2 ResponseProcessor.parse data authenticity (GHSA-4v4x-x5pr-8gp2)

A vulnerability has been found in goauthentik authentik up to 2025.12.4/2026.2.2 and classified as problematic. This vulnerability affects the function ResponseProcessor.parse. The manipulation leads to insufficient verification of data authenticity.

This vulnerability is listed as CVE-2026-41577. The attack may be initiated remotely. There is no available exploit.

The affected component should be upgraded.VulDB Recent EntriesRead More