A vulnerability classified as problematic has been found in goauthentik authentik up to 2025.12.4/2026.2.2/2026.5.0 . This issue affects some unknown processing of the component Source ACS Endpoint . Performing a manipulation results in reachable assertion. This vulnerability is identified as CVE-2026-47201 . The attack can be initiated remotely. There is not any exploit available. It is recommended to upgrade the affected component.