CVE-2025-53942 | goauthentik prior 2025.4.3/2025.4.4/2025.6.4 OAuth/SAML request.context["pending_user"].is_active privileges management

SecurityVulns

A vulnerability was found in goauthentik authentik. It has been rated as critical. Affected by this issue is the function request.context["pending_user"].is_active of the component OAuth/SAML. The manipulation leads to improper privilege management.

This vulnerability is handled as CVE-2025-53942. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.