EUVD-2026-38370

Capgo before 12.128.2 contains an authorization bypass vulnerability in the public.getcurrentplanmaxorg RPC function that allows unauthenticated attackers to retrieve arbitrary organization plan limits. Attackers can call the RPC endpoint with any organization UUID using only the public Supabase...

CVE-2026-56311

Capgo (before 12.128.2) contains an authorization bypass in public.get_current_plan_max_org RPC that allows unauthenticated access to arbitrary organization plan limits. An attacker can call the RPC with any organization UUID using only the public Supabase key to disclose billing information (MAU...

CVE-2026-56255

Capgo before 12.128.2 contains a denial-of-service vulnerability in POST /app/demo that lets authenticated users with org write permissions create unlimited demo apps without rate limiting or quotas. Each request can trigger around 138 database write operations, leading to degraded performance, h...

CVE-2026-56424

MISP core contained multiple broken access-control flaws where authorization checks were performed against the wrong entity, or where ownership/editability checks were missing on write paths. In affected subsystems, a lower-privileged authenticated user with the relevant feature permission could...

CVE-2026-54099

The CVE-2026-54099 entry describes a vulnerability in the Windows Machine Config Operator (WMCO) for Red Hat OpenShift. The WICD CSR auto-approver only checks that a CSR’s organization includes system:wicd-nodes and does not reject extra organization values such as system:masters. A compromised W...

EUVD-2026-38227

MISP core contained multiple broken access-control flaws where authorization checks were performed against the wrong entity, or where ownership/editability checks were missing on write paths. In affected subsystems, a lower-privileged authenticated user with the relevant feature permission could...

CVE-2026-56424

CVE-2026-56424 affects MISP core and describes multiple broken access-control flaws where authorization checks target the wrong entity or where ownership checks are missing on write paths. In affected subsystems, a lower-privileged authenticated user with relevant feature permissions could cause ...

EUVD-2026-38226

MISP Core contained broken access-control checks in the bulk deletion flows for Event Reports and Sharing Groups. The affected deleteSelection handlers authorized deletion using broad role-level permissions instead of validating authorization for each selected object. For Event Reports,...

CVE-2026-56423

Summary: CVE-2026-56423 affects MISP Core where bulk deletion (Event Reports and Sharing Groups) used broad role permissions instead of per-object authorization checks, enabling instance-wide deletions by eligible users. What was vulnerable: EventReportsController::deleteSelection relied on the g...

CVE-2026-56422 MISP Core: Mass Assignment and Object Re-ownership via Unvalidated Request Fields

Multiple MISP core controllers and model capture paths accepted client-controlled request fields such as primary keys id and ownership/scope foreign keys eventid, orgid, userid, sharinggroupid, galaxyclusteruuid, organisationuuid, and related nested object identifiers without consistently...

Github Enterprise Authenticated Remote Code Execution

An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability could lead to the execution of user-controlled methods and remote code execution. To exploit this bug, an actor would need to be logged into an account on the...

CVE-2026-56253

Capgo before 12.128.2 contains an improper access control vulnerability in the public.getorgmembers RPC function that allows unauthenticated attackers to enumerate organization members. Attackers can invoke the endpoint using only the public sbpublishable key and an organization UUID to retrieve...

CVE-2026-56242

Capgo before 12.128.2 contains an unauthenticated security definer RPC function getidentityapikeyonly that returns the owning userid for supplied API keys, creating an API key validity oracle and user identity disclosure primitive. Attackers can call this endpoint with valid or invalid API keys t...

CVE-2026-56253

Capgo before 12.128.2 contains an improper access control vulnerability in the public.getorgmembers RPC function that allows unauthenticated attackers to enumerate organization members. Attackers can invoke the endpoint using only the public sbpublishable key and an organization UUID to retrieve...

CVE-2026-56253

Capgo is affected by an improper access control vulnerability in the public.get_org_members RPC prior to version 12.128.2. unauthenticated attackers can enumerate organization members by calling the endpoint with a public sb_publishable_* key and an organization UUID, exposing emails, user IDs, r...

CVE-2026-56253 Capgo - Unauthenticated Organization Member Email Disclosure via get_org_members RPC

Capgo before 12.128.2 contains an improper access control vulnerability in the public.getorgmembers RPC function that allows unauthenticated attackers to enumerate organization members. Attackers can invoke the endpoint using only the public sbpublishable key and an organization UUID to retrieve...

CVE-2026-56251

Capgo before 12.128.2 contains a broken row level security policy in the orgusers table that allows authenticated users to elevate privileges from admin to superadmin. Attackers can exploit the insufficient RLS enforcement to gain unauthorized superadmin access and compromise system security...

CVE-2026-56242 Capgo - Unauthenticated API Key Validity Oracle and User Identity Disclosure via get_identity_apikey_only RPC

Capgo before 12.128.2 contains an unauthenticated security definer RPC function getidentityapikeyonly that returns the owning userid for supplied API keys, creating an API key validity oracle and user identity disclosure primitive. Attackers can call this endpoint with valid or invalid API keys t...

EUVD-2026-38167

Capgo before 12.128.2 contains an unauthenticated security definer RPC function getidentityapikeyonly that returns the owning userid for supplied API keys, creating an API key validity oracle and user identity disclosure primitive. Attackers can call this endpoint with valid or invalid API keys t...

CVE-2026-56242

Capgo before 12.128.2 contains an unauthenticated security definer RPC function getidentityapikeyonly that returns the owning userid for supplied API keys, creating an API key validity oracle and user identity disclosure primitive. Attackers can call this endpoint with valid or invalid API keys t...