Security Intel Hub 12+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Critical
authentik CVE-2026-25227 Authenticated RCE via Property Mapping
CVE-2026-25227 · github.com · 2026-02-21
authentik
High
authentik Forward Auth Bypass via Malformed Cookie (CVE-2026-25748)
CVE-2026-25748 · github.com · 2026-02-21
authentik <= 2025.10.3 · authentik <= 2025.12.3
Critical
authentik CVE-2026-25227 Critical Authenticated RCE via Property Mapping Test Endpoint
CVE-2026-25227 · github.com · 2026-02-21
authentik >= 2021.3.1
High
authentik CVE-2025-64708 Invitation Expiry Delay Vulnerability
CVE-2025-64708 · github.com · 2025-11-20
goauthentik/authentik <= 2025.10.1 · goauthentik/authentik <= 2025.8.4
High
Authentik CVE-2025-64708 Invitation Expiry Validation Bypass
CVE-2025-64708 · github.com · 2025-11-20
authentik (prior to 2025.8.5 and 2025.10.2)
High
authentik CVE-2022-46145: Unauthenticated User Creation and Account Takeover
CVE-2022-46145 · github.com · 2025-11-09
authentik < 2022.11.2 · authentik < 2022.10.2
authentik OAuth/SAML Authentication Bypass via Inactive Account Check (CVE-2025-53942)
github.com · 2025-07-26

### Critical Vulnerability Information #### Vulnerability Title - **Insufficient check for account active status when authenticating with OAuth/SAML Sources** #### Severity - **Severity**: High (7.1/1…

authentik CVE-2023-5194 Authentication Bypass Vulnerability and Fix Analysis
github.com · 2025-07-26

### Critical Vulnerability Information #### Vulnerability ID - **CVE-2023-5194** #### Affected Versions - **authentik 2023.4.4 and 2022.4.4** #### Vulnerability Description - **Issue**: During the use…

authentik RAC Session Token Validation Bypass Fix (CVE-2023-5253)
github.com · 2025-07-06

### Key Information #### Vulnerability Details - **CVE ID**: CVE-2023-5253 - **Reporter**: SPIBEL-Vorlage (https://github.com/spibel) - **Vulnerability Type**: Insufficient session validation, targeti…

authentik CVE-2024-52307 Timing Attack on Metrics View Leading to SECRET_KEY Brute Force
github.com · 2024-11-24

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Type**: Timing attack due to a lack of constant…

authentik Insufficient OAuth Scopes Validation (CVE-2024-52287)
github.com · 2024-11-24

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: Insufficient validation of OAuth scopes…

authentik OAuth2 Redirect URI Insecure Default Config (CVE-2024-52289)
github.com · 2024-11-24

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Title**: Insecure default configuration for OAuth2 Redirect U…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
