capgo
OSS Librariespackage-ecosystem
Latest CVEs
The 15 most recently published vulnerabilities affecting capgo.
- CVE-2026-56334Capgo - Missing UPDATE RLS Policy for Build Status Persistence4.3
- CVE-2026-56333Capgo - Server-Side Validation Bypass via Direct Browser-Side Organization Security Settings Updates4.3
- CVE-2026-56328Capgo - Integrity Issue in Release Routing via Multiple Public Channels6.5
- CVE-2026-56331Capgo - Improper Error Handling in Accept Invitation Endpoint via Invalid Magic String5.3
- CVE-2026-56327Capgo - Unauthenticated Organization Existence Oracle via public.invite_user_to_org RPC5.3
- CVE-2026-56320Capgo - Org/App Scope Mismatch in Device Creation Endpoint7.1
- CVE-2026-56300Capgo - Unauthenticated API Key Validity and Permission Oracle via RPC Functions7.5
- CVE-2026-56318Capgo - Information Disclosure via /private/validate_password_compliance Endpoint5.3
- CVE-2026-56286Capgo - Account Deletion Without Password Confirmation8.1
- CVE-2026-56249Capgo - Unauthorized Channel Overwrite and Ownership Takeover via POST /channel Name Collision7.6
- CVE-2026-56233Capgo - SSRF and Privilege Escalation via Path Traversal in Builder Upload Proxy8.3
- CVE-2026-56247Capgo - Privilege Escalation via Cross-Scope RBAC Role Assignment8.8
- CVE-2026-56230Capgo - Broken Object Level Authorization via x-limited-key-id Header8.8
- CVE-2026-56224Capgo - Login CSRF and Session Fixation via URL Query Parameters5.4
- CVE-2026-56219Capgo - Unauthenticated RBAC Bindings and Email Disclosure via get_org_user_access_rbac NULL-auth Bypass7.5