CVE-2026-56335 in Capgo정보

요약

\~에 의해 MITRE • 2026. 07. 10.

Capgo before 12.128.2 contains an authorization bypass vulnerability where write-scoped API keys can directly mutate protected channel configuration fields through PostgREST by exploiting a null authentication check in the immutability trigger. Attackers with write API keys can modify sensitive channel attributes such as public, allow_emulator, and security-related flags outside intended application routes.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

책임이 있는

VulnCheck

예약하다

2026. 06. 20.

모더레이션

수락

항목

VDB-377495

EPSS

0.00000

출처

Do you want to use VulDB in your project?

Use the official API to access entries easily!