Endor Patches | CVE-2026-32130: ZITADEL SCIM Authentication Bypass via URL Encoding

Endor Patches | CVE-2026-32130: ZITADEL SCIM Authentication Bypass via URL Encoding

Why This Matters Now The recent release of CVE-2026-32130 has brought significant attention to vulnerabilities in ZITADEL’s SCIM (System for Cross-domain Identity Management) implementation. This particular vulnerability allows attackers to bypass authentication by exploiting URL encoding in SCIM requests. Given the critical nature of SCIM in managing user identities across different systems, this issue poses a substantial risk to organizations relying on ZITADEL for identity management. 🚨 Breaking: CVE-2026-32130 exposes SCIM endpoints to unauthorized access. Apply the latest Endor patches immediately to mitigate this risk. 50+Organizations Affected 24hrsTime to Patch Understanding the Vulnerability CVE-2026-32130 involves a flaw in how ZITADEL processes URL-encoded data in SCIM requests. Attackers can exploit this by sending specially crafted requests that manipulate URL parameters to bypass authentication checks. This can lead to unauthorized access to SCIM endpoints, enabling attackers to create, read, update, or delete user identities without proper authorization. ...

Jul 15, 2026 · 6 min · 1069 words · IAMDevBox