CVE-2026-40165 – authentik

CVSS 8.7 IMPORTANT

“Identity platform weaknesses can quickly become enterprise-wide access risk.”

goauthentik released patches for two high-severity vulnerabilities affecting authentik: CVE-2026-40165 (CVSS 8.7, High) and CVE-2026-40172 (CVSS 8.1, High).

The vulnerabilities involve authentication, interpretation, and privilege management weaknesses that could allow attackers to gain elevated privileges in affected authentik environments. The updates strengthen identity controls and reduce the risk of unauthorized access across connected systems.

Key Details

Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
CWE Classification: CWE-91