Vulnerabilidades en capgo
46 resultadosCVE-2026-56299MEDIUMCapgo - Denial of Service via Unauthenticated OPTIONS Request to /build/upload EndpointEPSS 0.4%CVE-2026-56323HIGHCapgo - Unauthenticated Channel Enumeration and App Oracle via GET /channel_selfEPSS 0.4%CVE-2026-56222HIGHCapgo - Cross-Organization App Takeover via Mismatched org_id and app_id in /private/role_bindingsEPSS 0.4%CVE-2026-56322HIGHCapgo - Information Disclosure via Unauthenticated /updates defaultChannel ParameterEPSS 0.3%CVE-2026-56321MEDIUMCapgo - Missing Authentication Middleware on GET /private/role_bindings EndpointEPSS 0.3%CVE-2026-56214HIGHCapgo - Unauthenticated Organization Enumeration and Billing Status Disclosure via Supabase RPCEPSS 0.3%CVE-2026-56314HIGHCapgo - Deleted Bundle Selection via Missing Deletion Filter in /updates EndpointEPSS 0.3%CVE-2026-56237CRITICALCapgo - Unauthenticated API Key Generation via Client-Side Parameter ManipulationEPSS 0.3%CVE-2026-56225HIGHCapgo - Authorization Bypass in API Key Management via App-Limited KeysEPSS 0.3%CVE-2026-56338MEDIUMCapgo - Denial of Service in 2FA Email Verification via /auth/v1/otp EndpointEPSS 0.3%CVE-2026-56243HIGHCapgo - Hashed API Key Enforcement Bypass via PostgREST/RLS PlaneEPSS 0.3%CVE-2026-56228MEDIUMCapgo - Denial of Service via Improper Password Policy Length ValidationEPSS 0.3%CVE-2026-56255MEDIUMCapgo - Denial of Service via Unlimited Demo App CreationEPSS 0.3%CVE-2026-56324HIGHCapgo - Rate Limit Bypass via User-Controlled device_id ParameterEPSS 0.3%CVE-2026-56232HIGHCapgo - Subkey Scope Bypass in middlewareKey via x-limited-key-id HeaderEPSS 0.3%CVE-2026-56311MEDIUMCapgo - Unauthenticated Cross-Tenant Disclosure via get_current_plan_max_org RPCEPSS 0.3%CVE-2026-56337MEDIUMCapgo - Information Disclosure via Unauthenticated RPC Function exist_app_v2EPSS 0.3%CVE-2026-56242HIGHCapgo - Unauthenticated API Key Validity Oracle and User Identity Disclosure via get_identity_apikey_only RPCEPSS 0.3%CVE-2026-53868HIGHCapgo < 12.128.2 - Denial of Service via Unverified Email Account Registration and DeletionEPSS 0.3%CVE-2026-56306MEDIUMCapgo - Subkey Enforcement Bypass via x-limited-key-id Header ParsingEPSS 0.3%