CVE-2026-56216 Capgo - Scope Escalation via API Key Creation in /functions/v1/apikey

Capgo before 12.128.2 contains a scope escalation vulnerability in the POST /functions/v1/apikey endpoint that allows app-limited API keys to mint unrestricted keys by setting empty limits. Attackers with a compromised app-limited key can create an unrestricted key with org-wide access to resourc...

CVE-2026-56216

Capgo before 12.128.2 is vulnerable to a scope escalation in POST /functions/v1/apikey where app-limited API keys can mint unrestricted keys by sending empty limits. An compromised app-limited key can create an org-wide, unrestricted key accessing resources such as app listings and protected endp...

NPM: NocoDB: OAuth Token Scope Not Enforced at ACL Layer Allows Scope Escalation

NPM: NocoDB: OAuth Token Scope Not Enforced at ACL Layer Allows Scope Escalation vulnerability discovered by ? in WordPress Npm nocodb versions = 0.301.3...

GHSA-M5QG-RVJQ-727P NocoDB: OAuth Token Scope Not Enforced at ACL Layer Allows Scope Escalation

Summary The OAuth token strategy attached oauthscope and oauthgrantedresources to the request user, but the ACL middleware never consulted either. An OAuth token issued with a restricted scope e.g. MCP-only therefore inherited the full permissions of the underlying user across all routes; the...

NocoDB: OAuth Token Scope Not Enforced at ACL Layer Allows Scope Escalation

Summary The OAuth token strategy attached oauthscope and oauthgrantedresources to the request user, but the ACL middleware never consulted either. An OAuth token issued with a restricted scope e.g. MCP-only therefore inherited the full permissions of the underlying user across all routes; the...

CVE-2026-21621

Incorrect Authorization vulnerability in hexpm hexpm/hexpm 'Elixir.HexpmWeb.API.OAuthController' module allows Privilege Escalation. An API key created with read-only permissions domain: "api", resource: "read" can be escalated to full write access under specific conditions. When exchanging a...

CVE-2026-21621 Improper Scope Enforcement in OAuth client_credentials Flow Allows Read-Only API Key to Escalate to Full Access

Incorrect Authorization vulnerability in hexpm hexpm/hexpm 'Elixir.HexpmWeb.API.OAuthController' module allows Privilege Escalation. An API key created with read-only permissions domain: "api", resource: "read" can be escalated to full write access under specific conditions. When exchanging a...

CVE-2026-21621 Improper Scope Enforcement in OAuth client_credentials Flow Allows Read-Only API Key to Escalate to Full Access

Incorrect Authorization vulnerability in hexpm hexpm/hexpm 'Elixir.HexpmWeb.API.OAuthController' module allows Privilege Escalation. An API key created with read-only permissions domain: "api", resource: "read" can be escalated to full write access under specific conditions. When exchanging a...

UBUNTU-CVE-2024-41942

JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to versions 4.1.6 and 5.1.0, if a user is granted the admin:users scope, they may escalate their own privileges by making themselves a full admin user. The impact is relatively small in that...

Cloud Foundry UAA Elevation of Authority Vulnerability

UAA is a multi-tenant identity management service used in Cloud Foundry and can also be used as a standalone OAuth2 server. An elevation of privilege vulnerability exists in Cloud Foundry UAA versions prior to 74.1.0. The vulnerability stems from the fact that UAA can request a scope for a client...