CVE security advisories and vulnerability history for authentik by goauthentik.
36
Total CVEs
Published
0
In CISA KEV
Exploited in the wild
4
Public exploits
With known exploit
7.7
Avg CVSS
2022–2026
Last updated
Overview
goauthentik authentik has 36 published CVE records since 2022, of which 0 are in CISA's Known Exploited Vulnerabilities catalog and 4 have a known public exploit. The average CVSS base score across scored CVEs is 7.7.
This page aggregates every publicly disclosed vulnerability (CVE) affecting goauthentik authentik, with a severity breakdown, the affected and patched versions, the most common weakness types, and the full CVE list.
Severity and exploitation
How the CVSS severity of goauthentik authentik's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.
Critical7
High17
Medium12
Low0
In CISA’s Known Exploited Vulnerabilities catalog
0
None of goauthentik authentik's CVEs are currently listed in CISA's KEV catalog.
Public exploits
4
4 of goauthentik authentik's CVEs have a known public exploit available.
Affected versions and CVEs
Browse every goauthentik authentik version named in a CVE, then pick one to see only the CVEs that affect it.
Common questions about goauthentik authentik vulnerabilities.
How many CVEs does goauthentik authentik have?
goauthentik authentik has 36 published CVE records since 2022.
How many goauthentik authentik CVEs are in CISA KEV?
None of goauthentik authentik's CVEs are currently listed in CISA's Known Exploited Vulnerabilities catalog.
Are there public exploits for goauthentik authentik vulnerabilities?
Yes — 4 of goauthentik authentik's CVEs have a known public exploit.
Which versions of goauthentik authentik are affected?
487 distinct goauthentik authentik versions are named across its CVEs. Use the version filter above to see the CVEs affecting a specific version.
What are the most common weakness types in goauthentik authentik CVEs?
goauthentik authentik's CVEs most often map to these CWE weakness types: CWE-287 (Improper Authentication), CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-863 (Incorrect Authorization), CWE-269 (Improper Privilege Management).
How many critical goauthentik authentik vulnerabilities are there?
goauthentik authentik has 7 critical and 17 high-severity CVEs.
What is the average severity of goauthentik authentik CVEs?
The average CVSS base score across goauthentik authentik's scored CVEs is 7.7.
