{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T03:32:55.448","vulnerabilities":[{"cve":{"id":"CVE-2026-25227","sourceIdentifier":"security-advisories@github.com","published":"2026-02-12T20:16:10.313","lastModified":"2026-02-19T15:25:12.283","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"authentik is an open-source identity provider. From 2021.3.1 to before 2025.8.6, 2025.10.4, and 2025.12.4, when using delegated permissions, a User that has the permission Can view * Property Mapping or Can view Expression Policy is able to execute arbitrary code within the authentik server container through the test endpoint, which is intended to preview how a property mapping/policy works. authentik 2025.8.6, 2025.10.4, and 2025.12.4 fix this issue."},{"lang":"es","value":"authentik es un proveedor de identidad de código abierto. Desde 2021.3.1 hasta antes de 2025.8.6, 2025.10.4 y 2025.12.4, al usar permisos delegados, un Usuario que tiene el permiso Can view * Property Mapping o Can view Expression Policy es capaz de ejecutar código arbitrario dentro del contenedor del servidor authentik a través del endpoint de prueba, el cual está destinado a previsualizar cómo funciona un mapeo de propiedades/política. authentik 2025.8.6, 2025.10.4 y 2025.12.4 solucionan este problema."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:goauthentik:authentik:*:*:*:*:*:*:*:*","versionStartIncluding":"2021.3.1","versionEndExcluding":"2025.8.6","matchCriteriaId":"9B75021A-6847-4AB0-8D73-BE045EC341B0"},{"vulnerable":true,"criteria":"cpe:2.3:a:goauthentik:authentik:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.10.0","versionEndExcluding":"2025.10.4","matchCriteriaId":"4B646FA7-6B60-4018-9EA8-0C3C4F18BC21"},{"vulnerable":true,"criteria":"cpe:2.3:a:goauthentik:authentik:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.12.0","versionEndExcluding":"2025.12.4","matchCriteriaId":"A59D4BC9-5FAE-4A4F-A109-D754BD80A10C"}]}]}],"references":[{"url":"https://github.com/goauthentik/authentik/commit/c691afaef164cf73c10a26a944ef2f11dbb1ac80","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/goauthentik/authentik/releases/tag/version%2F2025.10.4","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/goauthentik/authentik/releases/tag/version%2F2025.12.4","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/goauthentik/authentik/releases/tag/version%2F2025.8.6","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/goauthentik/authentik/security/advisories/GHSA-qvxx-mfm6-626f","source":"security-advisories@github.com","tags":["Mitigation","Vendor Advisory"]}]}}]}