CVE-2026-25227

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2026-25227

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-25227.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2026-25227

Aliases

GHSA-qvxx-mfm6-626f

Published

2026-02-12T19:25:26.932Z

Modified

2026-03-01T02:57:21.095549Z

Severity

9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H CVSS Calculator

Summary

authentik affected by Remote Code Execution via Context Key Injection in PropertyMapping Test Endpoint

Details

authentik is an open-source identity provider. From 2021.3.1 to before 2025.8.6, 2025.10.4, and 2025.12.4, when using delegated permissions, a User that has the permission Can view * Property Mapping or Can view Expression Policy is able to execute arbitrary code within the authentik server container through the test endpoint, which is intended to preview how a property mapping/policy works. authentik 2025.8.6, 2025.10.4, and 2025.12.4 fix this issue.

Database specific

{
    "cwe_ids": [
        "CWE-94"
    ],
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/25xxx/CVE-2026-25227.json"
}

References

Affected packages

Git / github.com/goauthentik/authentik

Affected ranges

Type

GIT

Repo

https://github.com/goauthentik/authentik

Events

Introduced

32e5ebb8a36833b623582a424943d8f78b34d2d2

Fixed

bce6ba2afa6e021cfb5a8aa6c0e25d97fb7cf254

Database specific

{
    "versions": [
        {
            "introduced": "2021.3.1"
        },
        {
            "fixed": "2025.8.6"
        }
    ]
}

Type

GIT

Repo

https://github.com/goauthentik/authentik

Events

Introduced

6d1c7f90e2da9c2c4bc27a6c8784c4130e6fe822

Fixed

7b0f19465b64905b49357e10dc15abffec3737d0

Fixed

19ad8d3ae3f266ec1096bc4461fdf6bcda1aa079

Database specific

{
    "versions": [
        {
            "introduced": "2025.10.0-rc1"
        },
        {
            "fixed": "2025.10.4"
        },
        {
            "fixed": "2025.12.4"
        }
    ]
}

Affected versions

version/2021.*

version/2021.10.1

version/2021.10.1-rc1

version/2021.10.1-rc2

version/2021.10.1-rc3

version/2021.10.2

version/2021.10.3

version/2021.10.4

version/2021.12.1

version/2021.12.1-rc1

version/2021.12.1-rc2

version/2021.12.1-rc3

version/2021.12.1-rc4

version/2021.12.1-rc5

version/2021.12.2

version/2021.12.3

version/2021.12.4

version/2021.12.5

version/2021.3.1

version/2021.3.2

version/2021.3.3

version/2021.3.4

version/2021.4.1

version/2021.4.1-rc1

version/2021.4.1-rc2

version/2021.4.2

version/2021.4.3

version/2021.4.4

version/2021.4.5

version/2021.5.1

version/2021.5.1-rc1

version/2021.5.1-rc10

version/2021.5.1-rc2

version/2021.5.1-rc3

version/2021.5.1-rc4

version/2021.5.1-rc5

version/2021.5.1-rc6

version/2021.5.1-rc7

version/2021.5.1-rc8

version/2021.5.1-rc9

version/2021.5.2

version/2021.5.3

version/2021.5.4

version/2021.6.1

version/2021.6.1-rc1

version/2021.6.1-rc2

version/2021.6.1-rc3

version/2021.6.1-rc4

version/2021.6.1-rc5

version/2021.6.1-rc6

version/2021.6.2

version/2021.6.3

version/2021.6.4

version/2021.7.1

version/2021.7.1-rc1

version/2021.7.1-rc2

version/2021.7.2

version/2021.7.3

version/2021.8.1

version/2021.8.1-rc1

version/2021.8.1-rc2

version/2021.8.2

version/2021.8.3

version/2021.8.4

version/2021.9.1

version/2021.9.1-rc1

version/2021.9.1-rc2

version/2021.9.1-rc3

version/2021.9.2

version/2021.9.3

version/2021.9.4

version/2021.9.5

version/2021.9.6

version/2021.9.7

version/2021.9.8

version/2022.*

version/2022.1.1

version/2022.1.2

version/2022.1.3

version/2022.1.4

version/2022.1.5

version/2022.10.0

version/2022.10.1

version/2022.11.0

version/2022.11.1

version/2022.11.2

version/2022.11.3

version/2022.11.4

version/2022.12.0

version/2022.12.1

version/2022.12.2

version/2022.2.1

version/2022.3.1

version/2022.3.2

version/2022.3.3

version/2022.4.1

version/2022.5.1

version/2022.5.2

version/2022.5.3

version/2022.6.1

version/2022.6.2

version/2022.6.3

version/2022.7.1

version/2022.7.2

version/2022.7.3

version/2022.8.1

version/2022.8.2

version/2022.9.0

version/2023.*

version/2023.1.0

version/2023.1.1

version/2023.1.2

version/2023.10.0

version/2023.10.1

version/2023.10.2

version/2023.2.0

version/2023.2.1

version/2023.2.2

version/2023.5.0

version/2023.5.1

version/2023.5.2

version/2023.5.3

version/2023.6.0

version/2023.6.1

version/2023.8.0

version/2023.8.1

version/2023.8.2

version/2023.8.3

version/2024.*

version/2024.6.0

version/2024.6.0-rc1

version/2024.6.0-rc2

version/2025.*

version/2025.10.0

version/2025.10.0-rc1

version/2025.10.0-rc2

version/2025.10.0-rc3

version/2025.10.1

version/2025.10.2

version/2025.10.3

version/2025.8.0

version/2025.8.0-rc1

version/2025.8.0-rc2

version/2025.8.0-rc3

version/2025.8.0-rc4

version/2025.8.0-rc5

version/2025.8.0-rc6

version/2025.8.0-rc7

version/2025.8.1

version/2025.8.2

version/2025.8.3

version/2025.8.4

version/2025.8.5

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-25227.json"