Unrated severityNVD Advisory· Published Feb 12, 2026· Updated Feb 17, 2026

authentik has a Signature Verification Bypass via SAML Assertion Wrapping

CVE-2026-25922

Description

authentik is an open-source identity provider. Prior to 2025.8.6, 2025.10.4, and 2025.12.4, when using a SAML Source that has the option Verify Assertion Signature under Verification Certificate enabled and not Verify Response Signature, or does not have the Encryption Certificate setting under Advanced Protocol settings configured, it was possible for an attacker to inject a malicious assertion before the signed assertion that authentik would use instead. authentik 2025.8.6, 2025.10.4, and 2025.12.4 fix this issue.

Affected products

authentik/authentikllm-create
Range: <2025.8.6, <2025.10.4, <2025.12.4
goauthentik/authentikv5
Range: < 2025.8.6

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/goauthentik/authentik/releases/tag/version%2F2025.10.4mitrex_refsource_MISC
github.com/goauthentik/authentik/releases/tag/version%2F2025.12.4mitrex_refsource_MISC
github.com/goauthentik/authentik/releases/tag/version%2F2025.8.6mitrex_refsource_MISC
github.com/goauthentik/authentik/security/advisories/GHSA-jh35-c4cc-wjm4mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000