CVE-2026-56246 - Capgo - Cross-Organization Authorization Bypass via Scoped API Key Privilege Inheritance
CVE ID :CVE-2026-56246 Published : July 8, 2026, 2:17 p.m. | 57 minutes ago Description :Capgo before 12.128.2 contains a broken access control vulnerability in the organization management API where a scoped API key (limited_to_orgs) inherits its owner-user's permissions, allowing destructive...