Authentik · Authentik · CVE-2026-49443
**Name of the Vulnerable Software and Affected Versions**
authentik versions prior to 2025.12.6
authentik versions prior to 2026.2.4
authentik versions prior to 2026.5.1
**Description**
An attacker who can modify a source connection and has an account in one of the configured sources can log in to any account within the identity provider.
**Recommendations**
Update to version 2025.12.6.
Update to version 2026.2.4.
Update to version 2026.5.1.