authentik | version/2026.5.3

authentik version/2026.5.3 released on 10-06-2026


authentik version/2026.5.3 is out now. Operators and integrators get backported documentation updates and explicit CVE annotations, while administrators receive a security-related dependency bump to pick up upstream fixes.

See the release notes on the authentik documentation and the full changelog on GitHub for installation and upgrade details: authentik docs · full changelog.

What’s in this release

  • Documentation and release-note updates: backported notes, added OIDC issuer information, updated binding-wizard labels, cleaned proxy provider docs, and explicit marking of CVE-2026-49443 and CVE-2026-49448.
  • Security and dependency update: Django bumped from 5.2.14 to 5.2.15 to include upstream fixes; CVE references added to the docs for operators and auditors.
  • Providers and auth fixes: prevents interactive OAuth from overwriting refresh_token; skips post-logout redirect matching when a provider has no saved redirects; fixes Docker outpost CA cert filter; handles invalid auth type exceptions for the agent connector; and fixes a panic in RADIUS logging.

Upgrade notes

  • No breaking changes are documented for this patch; administrators should upgrade to obtain the Django security fix and to ensure CVEs are tracked in change control. See the documentation for upgrade instructions.
  • If you need to roll back, use your deployment’s rollback procedure and consult the changelog for the individual commits included in this patch.

Share any upgrade experiences or issues on the project’s GitHub issues or the authentik community channels so others can follow what worked or what failed.

Related posts

Weekly Tech Digest | 06 Jul 2026

Stay updated with the latest in tech! This digest covers AI ethics, auto industry shifts, and the impact of politics on technology, exploring today's pressing issues.

wolfCOSE zero-allocation parsing in embedded C

wolfCOSE looks sensible only if you care about what your firmware actually has to carry. I like that, because on small targets the wrong crypto feature can cost more than the message itself, and there...

restic | v0.19.1

restic v0 19 1: safer FUSE mounts and mountpoint checks, robust backup source and exclude handling, clearer CLI JSON output, Windows SFTP deletion fixes