authentik: 2022.12.3 → 2025.12.6
authentik · upgrade impact · Official site ↗
Fixed by upgrading to 2025.12.6 iVulnerabilities that affect 2022.12.3 but no longer affect 2025.12.6 — the security gain from this upgrade, by exploited status then exploitation probability.
Exploited first, then by exploitation probability (EPSS).
CVE-2023-48228 HIGH EPSS 1% ✓ cleared in 2025.12.6 CVE-2024-52289 CRITICAL EPSS 1% ✓ cleared in 2025.12.6 CVE-2024-37905 HIGH EPSS 1% ✓ cleared in 2025.12.6 CVE-2023-46249 CRITICAL EPSS 1% ✓ cleared in 2025.12.6 CVE-2026-25227 CRITICAL EPSS 1% ✓ cleared in 2025.12.6 CVE-2024-38371 HIGH EPSS 1% ✓ cleared in 2025.12.6 CVE-2023-36456 HIGH EPSS 1% ✓ cleared in 2025.12.6 CVE-2024-52287 HIGH EPSS 1% ✓ cleared in 2025.12.6 CVE-2024-42490 HIGH EPSS 1% ✓ cleared in 2025.12.6 CVE-2024-47070 CRITICAL EPSS 1% ✓ cleared in 2025.12.6 CVE-2024-23647 MEDIUM EPSS 1% ✓ cleared in 2025.12.6 CVE-2024-52307 MEDIUM EPSS 1% ✓ cleared in 2025.12.6 CVE-2023-39522 MEDIUM EPSS 1% ✓ cleared in 2025.12.6 CVE-2026-25748 HIGH EPSS 0% ✓ cleared in 2025.12.6 CVE-2025-53942 HIGH EPSS 0% ✓ cleared in 2025.12.6 CVE-2025-52553 CRITICAL EPSS 0% ✓ cleared in 2025.12.6 CVE-2024-47077 MEDIUM EPSS 0% ✓ cleared in 2025.12.6 CVE-2025-29928 HIGH EPSS 0% ✓ cleared in 2025.12.6 CVE-2026-42849 CRITICAL EPSS 0% ✓ cleared in 2025.12.6 CVE-2026-49448 CRITICAL EPSS 0% ✓ cleared in 2025.12.6 CVE-2024-11623 MEDIUM EPSS 0% ✓ cleared in 2025.12.6 CVE-2026-47201 HIGH EPSS 0% ✓ cleared in 2025.12.6 CVE-2026-49443 HIGH EPSS 0% ✓ cleared in 2025.12.6 CVE-2026-41577 HIGH EPSS 0% ✓ cleared in 2025.12.6 CVE-2026-25922 HIGH EPSS 0% ✓ cleared in 2025.12.6Still open in 2025.12.6 iKnown vulnerabilities that affect 2025.12.6 too — upgrading to it does not clear these.
These affect 2025.12.6 as well — a later release may be needed.
CVE-2026-41569 MEDIUM EPSS 0% → fixed in 2026.2.3