Authentik SAML Assertion Validation Vulnerability Allowing Replay of Expired Assertions

Vulnerability

A vulnerability exists in authentik, an open-source identity provider, in versions prior to 2025.12.5 and 2026.2.3. The issue arises in the SAML source response processor, specifically in the 'ResponseProcessor.parse()' method, which fails to validate the 'Conditions' element on assertions (the element carrying the NotBefore/NotOnOrAfter validity window and the AudienceRestriction). This oversight allows the replay of expired assertions and the acceptance of assertions meant for other service providers.
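The missing check, as an added illustration (not authentik's code): a stand-alone validator for the SAML 2.0 Conditions element that rejects expired, not-yet-valid and wrong-audience assertions. The assertion XML, the issuer URL and the audience URL are constructed sample values, and the 60-second clock-skew allowance is an assumed policy.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone
from typing import Optional, Tuple

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample assertion (not a real authentik message); only the
# Conditions element matters for this check. The URLs are placeholders.
SAMPLE_ASSERTION = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_constructed-example" Version="2.0" IssueInstant="2026-01-01T12:00:00Z">
  <saml:Issuer>https://idp.example.test</saml:Issuer>
  <saml:Conditions NotBefore="2026-01-01T12:00:00Z" NotOnOrAfter="2026-01-01T12:05:00Z">
    <saml:AudienceRestriction>
      <saml:Audience>https://authentik.example.test/source/saml/corp/</saml:Audience>
    </saml:AudienceRestriction>
  </saml:Conditions>
</saml:Assertion>"""


def _parse_saml_time(value: str) -> datetime:
    # SAML timestamps are ISO 8601 in UTC with a trailing 'Z'.
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def validate_conditions(assertion_xml: str, expected_audience: str,
                        now: Optional[datetime] = None,
                        skew: timedelta = timedelta(seconds=60)) -> Tuple[bool, str]:
    """Return (accepted, reason) after checking the assertion's <Conditions>."""
    now = now or datetime.now(timezone.utc)
    cond = ET.fromstring(assertion_xml).find("saml:Conditions", SAML_NS)
    if cond is None:
        # Reject rather than skip: with no Conditions the assertion never expires.
        return False, "missing Conditions element"
    not_before, not_on_or_after = cond.get("NotBefore"), cond.get("NotOnOrAfter")
    if not_on_or_after is None:
        # Stricter than the SAML spec (the attribute is optional): require an expiry.
        return False, "missing NotOnOrAfter"
    if not_before and now < _parse_saml_time(not_before) - skew:
        return False, "assertion not yet valid"
    if now >= _parse_saml_time(not_on_or_after) + skew:
        return False, "assertion expired"
    audiences = [a.text.strip() for a in
                 cond.findall("saml:AudienceRestriction/saml:Audience", SAML_NS) if a.text]
    if expected_audience not in audiences:
        # Covers both a missing AudienceRestriction and one naming another SP.
        return False, "assertion issued for a different audience"
    return True, "ok"
```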

Impact

Exploitation of this vulnerability allows users to replay valid SAML assertions at any time, even after the assertions have expired.

Remediation

Users can upgrade to authentik versions 2025.12.5 or 2026.2.3 to address this vulnerability. For versions prior to 2025.12.5 and 2026.2.3, a workaround is available.

Added: Jun 2, 2026, 8:33 PM
Updated: Jun 2, 2026, 8:33 PM

Vulnerability Rating

Custom Algorithm
spread: 2.2
impact: 1.3
exploitability: 6.2
remediation: 7.7
relevance: 9.8
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.