CVE-2026-47201 | goauthentik up to 2025.12.4/2026.2.2/2026.5.0 Source ACS Endpoint assertion (GHSA-c3m2-jqmq-pvp3)

A vulnerability classified as problematic has been found in goauthentik authentik up to 2025.12.4/2026.2.2/2026.5.0. This issue affects some unknown processing of the component Source ACS Endpoint. Performing a manipulation results in reachable assertion.

This vulnerability is identified as CVE-2026-47201. The attack can be initiated remotely. There is not any exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More