B3NCLOUD ARTICLE INTELLIGENCE

ARTICLEVIEW

Zurück zu News

CVE-2026-56300 - Capgo - Unauthenticated API Key Validity and Permission Oracle via RPC Functions

CVE ID :CVE-2026-56300 Published : June 30, 2026, 10:08 p.m. | 1 hour, 4 minutes ago Description :Capgo before 12.128.2 contains unauthenticated security definer RPC functions get_user_id and get_org_perm_for_apikey that expose API key validity oracles and user UUID disclosure....

Original-Artikel öffnen Zurück zur Übersicht