2 matches found
CVE-2026-56242
Capgo before 12.128.2 contains an unauthenticated security definer RPC function getidentityapikeyonly that returns the owning userid for supplied API keys, creating an API key validity oracle and user identity disclosure primitive. Attackers can call this endpoint with valid or invalid API keys t...
CVE-2026-56242
Technical details beyond the provided description are not publicly available in the supplied documents. Monitor for updates for vulnerability specifics, affected versions, impact, and remediations.