CVE-2026-56232 - Capgo - Subkey Scope Bypass in middlewareKey via x-limited-key-id Header
CVE ID :CVE-2026-56232 Published : June 24, 2026, 11:53 a.m. | 1 hour, 17 minutes ago Description :Capgo before 12.128.2 fails to enforce limited_to_orgs and limited_to_apps constraints on subkeys provided via x-limited-key-id header in middlewareKey function. Attackers can bypass subkey...