See https://docs.goauthentik.io/docs/releases/2025.12#fixed-in-2025126
What's Changed
- website/docs: fix email link in CVE-2026-40166 (cherry-pick #22331 to version-2025.12) by @authentik-automation[bot] in #22332
- enterprise/stages/mtls: freeze time for expired certs (cherry-pick #22411 to version-2025.12) by @authentik-automation[bot] in #22413
- root: configure freezegun to exclude cryptography (cherry-pick #22442 to version-2025.12) by @authentik-automation[bot] in #22446
- enterprise/stages/mtls: attempt fix freezegun (cherry-pick #22474 to version-2025.12) by @authentik-automation[bot] in #22499
- outposts: fix stale version in OutpostState (cherry-pick #22487 to version-2025.12) by @authentik-automation[bot] in #22503
- ci: fix docs not having correct js version setup (2025.12) by @BeryJu in #22717
- tenants: fix test teardown (version-2025.12) by @gergosimonyi in #22714
- security: automated internal backport of patch GHSA-wr38-7xg8-fqxr.sec.patch to authentik-2025.12 by @authentik-automation[bot] in #22724
- security: automated internal backport of patch GHSA-xp7f-xjjx-gwm8.sec.patch to authentik-2025.12 by @authentik-automation[bot] in #22725
- security: automated internal backport of patch GHSA-c3m2-jqmq-pvp3.sec.patch to authentik-2025.12 by @authentik-automation[bot] in #22723
Full Changelog: version/2025.12.5...version/2025.12.6