2 matches found
EUVD-2026-40442
Capgo before 12.128.2 lacks an UPDATE row-level security policy for the buildrequests table, preventing API-key and anonymous access from persisting builder status updates. Attackers can exploit this missing policy to cause build status and error details to remain unpersisted, leaving buildreques...
CVE-2026-56334
Capgo before 12.128.2 is affected by an insufficient UPDATE row-level security (RLS) policy on the build_requests table. The missing policy allows API-key and anonymous access to persist builder status updates to be blocked or unpersisted, resulting in build status and error details remaining in ...