30 matches found
CVE-2026-56300 Capgo - Unauthenticated API Key Validity and Permission Oracle via RPC Functions
Capgo before 12.128.2 contains unauthenticated security definer RPC functions getuserid and getorgpermforapikey that expose API key validity oracles and user UUID disclosure. Unauthenticated attackers using the public API key can validate leaked keys, enumerate users and apps, and determine...
CVE-2026-56337
Capgo before 12.128.2 contains an information disclosure vulnerability in the public.existappv2 RPC function that allows unauthenticated attackers to enumerate appids by calling POST /rest/v1/rpc/existappv2 with arbitrary appid parameters. Remote attackers can exploit this SECURITY DEFINER functi...
CVE-2026-56319
CVE-2026-56319 affects Capgo prior to 12.128.2. The issue is an information disclosure in GET /statistics/app/:app_id that lets app-limited API keys distinguish existing sibling app IDs by observing differential error responses (500 PGRST116 for inaccessible apps vs 401 for nonexistent apps), bre...
PT-2026-51149
Name of the Vulnerable Software and Affected Versions: capgo versions prior to 12.128.2. Description: An authorization bypass exists in several Supabase PostgREST RPC functions: get app metrics, get global metrics, and get total metrics. These functions are granted to the anon role without enforcing...
CVE-2026-28882
This issue was addressed with improved checks. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to enumerate a user's installed apps...
PT-2026-7791
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 26.3; iPadOS versions prior to 26.3; iOS versions prior to 18.7.5; iPadOS versions prior to 18.7.5. Description: An application may be capable of listing the applications installed on a user's device. The issue was addressed b...
Apple iOS and Apple iPadOS Security Vulnerability
Apple iOS and Apple iPadOS are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Both Apple iOS and Apple iPadOS have security vulnerabilities, which stem from improper log cleanup. These...
PT-2026-3265
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.3 and iPadOS 18.3. An app may be able to enumerate a user's installed apps...
About the security content of watchOS 26.1
About the security content of watchOS 26.1 This document describes the security content of watchOS 26.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are availabl...
EUVD-2025-14782
Malicious code in bioql PyPI...
EUVD-2024-38668
Malicious code in bioql PyPI...
EUVD-2025-8930
Malicious code in bioql PyPI...
CVE-2024-40830
This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS 18. An app may be able to enumerate a user's installed apps...
CVE-2025-31207
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5. An app may be able to enumerate a user's installed apps...
CVE-2025-31207
CVE-2025-31207 is an Apple logic issue affecting iOS and iPadOS where an app may enumerate a user’s installed apps. The connected documentation confirms the vulnerability and that it is addressed in iOS 18.5 and iPadOS 18.5 with “improved checks.” The NVD/Red Hat/NCSC entries repeat the same desc...
Apple iOS and Apple iPadOS Security Vulnerability
Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in Apple iOS and Apple iPadOS, which arises from insufficient logical checks...
CVE-2025-30426
This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to enumerate a user's installed apps...