📦 Zitadel
by Zitadel
🛡️ Security Overview
⚠️ Known Vulnerabilities
CVE-2025-67494 is an unauthenticated server-side request forgery (SSRF) vulnerability in ZITADEL identity infrastructure. Attackers can force the ZITADEL Login UI to make HTTP requests to arbitrary in...
This vulnerability in ZITADEL identity management platform allows unauthenticated attackers to bypass organization security controls and perform account takeover. Attackers can use disabled identity p...
This vulnerability allows attackers to bypass multi-factor authentication (MFA) in Zitadel by targeting only the TOTP code without requiring password verification. Users with MFA enabled but without s...
Zitadel identity infrastructure software versions prior to 4.6.0, 3.4.3, and 2.71.18 are vulnerable to online brute-force attacks on OTP, TOTP, and passwords. The lockout mechanism to prevent such att...
Zitadel's Admin API contains Insecure Direct Object Reference (IDOR) vulnerabilities that allow authenticated users without proper IAM roles to modify sensitive settings, including LDAP configurations...
ZITADEL versions 4.0.0-rc.1 through 4.7.0 have a DOM-based XSS vulnerability in the logout endpoint. Unauthenticated attackers can execute malicious JavaScript in users' browsers by exploiting the pos...
This vulnerability allows attackers to hijack password reset links in Zitadel identity management software by manipulating HTTP headers. Attackers can redirect users to malicious domains to capture re...
This vulnerability in ZITADEL's Session API allows attackers to repeatedly use idp intents to steal authentication tokens. Attackers with access to the application's URI can authenticate as legitimate...
Zitadel identity infrastructure software has a vulnerability where expired JWT keys can be used to obtain valid access tokens during Authorization Grants. This allows attackers with expired credential...
This vulnerability in Zitadel identity management platform allows deactivated user grants to remain active in tokens, potentially granting unauthorized access to applications and resources. The manage...
ZITADEL authentication management software versions before 2.47.3, 2.46.1, 2.45.1, 2.44.3, 2.43.9, 2.42.15, and 2.41.15 contain a cross-site scripting (XSS) vulnerability in the login UI due to improp...
ZITADEL identity infrastructure systems are vulnerable to account takeover via password reset email manipulation. Attackers can inject malicious Forwarded or X-Forwarded-Host headers to redirect passw...
This vulnerability allows attackers to bypass ZITADEL's lockout policy by initiating parallel password checks, enabling more password attempts than configured. It affects ZITADEL identity infrastructu...
This vulnerability in ZITADEL allows attackers to inject malicious JavaScript into SVG avatar images, potentially enabling account takeover when victims view the image with an active single session. I...
ZITADEL identity management platform versions 2.31.0 through 3.4.6 and 4.0.0 through 4.10.0 have a token validation flaw where truncated OIDC access tokens are incorrectly accepted. This could allow a...
This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in ZITADEL's Action V2 feature that allows attackers to make ZITADEL send requests to internal network endpoints. Organizations us...
CVE-2026-23511 is a user enumeration vulnerability in ZITADEL identity management platform that allows unauthenticated attackers to confirm valid user accounts by testing usernames and userIDs. This a...
ZITADEL versions 2.44.0 through 3.4.4 and 4.0.0-rc.1 through 4.7.1 disclose the total number of instance users to authenticated users regardless of their permissions. This information disclosure vulne...
ZITADEL's 'Ignoring unknown usernames' setting fails to properly hide user existence due to username normalization, allowing attackers to determine if specific usernames exist in the system. This affe...
This vulnerability in Zitadel identity infrastructure software allows attackers to bypass URL validation restrictions and send requests to localhost (127.0.0.1) by using DNS records that resolve to th...
This vulnerability in Zitadel identity management platform allows unauthorized access to applications and projects even after their parent organization or project has been deactivated. Users from othe...
This vulnerability in Zitadel identity management system allows attackers to enumerate valid usernames when the 'Ignoring unknown usernames' security feature is enabled. Due to a database deadlock pre...
Zitadel identity management system versions before patched releases could expose database connection details (database name, username, hostname) to users when database connectivity fails. This informa...