B3NCLOUD ARTICLE INTELLIGENCE

ARTICLEVIEW

Zurück zu News
cvefeed.io
RISK: Mittel (4.0)

CVE-2026-56242 - Capgo - Unauthenticated API Key Validity Oracle and User Identity Disclosure via get_identity_apikey_only RPC

CVE ID :CVE-2026-56242 Published : June 21, 2026, 1:26 p.m. | 1 hour, 43 minutes ago Description :Capgo before 12.128.2 contains an unauthenticated security definer RPC function get_identity_apikey_only that returns the owning user_id for supplied API keys, creating an API key validity oracle...

#Sicherheitslücke
Original-Artikel öffnen Zurück zur Übersicht

VERWANDTEARTIKEL

CVE-2026-56397 - SiYuan - Remote Code Execution via Malicious Bazaar Package Metadata and README

2026-06-21 Mittel

CVE-2026-56396 - phpMyFAQ - Privilege Escalation via Missing Authorization in editUser() and updateUserRights()

2026-06-21 Mittel

CVE-2026-56382 - Craft CMS - Remote Code Execution via Missing Config Sanitization in FieldsController

2026-06-21 Mittel

CVE-2026-56253 - Capgo - Unauthenticated Organization Member Email Disclosure via get_org_members RPC

2026-06-21 Mittel

CVE-2026-56265 - Crawl4AI - Authentication Bypass via Hardcoded JWT Signing Key

2026-06-21 Mittel

CVE-2025-71378 - picklescan - Remote Code Execution via Undetected cProfile.runctx in Pickle Files

2026-06-21 Mittel