Authorization bypass through user-controlled key in authentik - CVE-2026-61574

 

Authorization bypass through user-controlled key in authentik - CVE-2026-61574

Published: July 17, 2026


Vulnerability identifier: #VU138384
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2026-61574
CWE-ID: CWE-639
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Authentik Security Inc
Affected software:
authentik

Detailed vulnerability description

The vulnerability allows a remote user to disclose sensitive information.

The vulnerability exists due to authorization bypass through user-controlled key in the RAC endpoint list endpoint when handling requests for configured endpoints. A remote user can request the endpoint list to disclose sensitive information.

Only deployments using the enterprise Remote Access Control provider are affected, and credential exposure occurs when connection credentials are stored for endpoints.


How to mitigate CVE-2026-61574

Install security update from vendor's website.

Sources