以下是关于漏洞的关键信息: CVE-2025-64708 Summary Vulnerability: Invitation expiry delay Reported by: @melizeche (github.com/melizeche) Description: In previous authentik versions, invitations were considered valid regardless of expiration status. This relied on background tasks to clean up expired invitations. Key Points Invitation delay: Invitations can be used even after their expiration time. Cleanup delay: The cleanup process for expired invitations may take up to 5 minutes. Fixes Authentik versions: - 2025.8.5 - 2025.10.2 Workaround: Implement a custom policy to validate invitation expiry explicitly. Code Changes Files Changed: - - - Updates: A new filter allows checking for non-expired invitations. Tests validate expiration behavior.