CVE-2026-56241 Capgo - RBAC Demotion Privilege Retention via Stale org_users.user_right
Capgo before 12.128.2 contains a privilege escalation vulnerability where demoted superadmin users retain access to deletenoncompliantbundles and countnoncompliantbundles RPCs due to stale orgusers.userright column not being cleared during role binding deletion. Attackers can exploit this by...