Lucene search
K

4 matches found

CVE
CVE
added 2026/06/20 3:24 p.m.23 views

CVE-2026-56228

Capgo before 12.128.2 is vulnerable to improper password policy length validation. An authenticated organization administrator can set an extremely large minimum password length value, causing all users to fail password changes and effectively lock out the organization, resulting in an applicatio...

6.9CVSS5.9AI score0.00272EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/20 12:34 a.m.9 views

EUVD-2026-38094

Capgo before 12.128.2 contains a flaw in the Enforce Password Policy feature: after a Super Admin enables the policy and successfully changes their password to a compliant one, the backend does not update the password-compliance state. As a result, the backend continues to treat the account as...

6.9CVSS5.9AI score0.00299EPSS
Exploits0References3
CVE
CVE
added 2026/06/19 9:39 p.m.16 views

CVE-2026-56080

Capgo before 12.128.2 has an Enforce Password Policy flaw: after a Super Admin enables the policy and sets a compliant password, the backend does not update the password‑compliance state, so the account remains non‑compliant and the system repeatedly prompts for password resets, effectively locki...

6.9CVSS5.9AI score0.00299EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.19 views

PT-2026-51038

Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description A flaw exists in the Enforce Password Policy feature. When a Super Admin enables this policy and updates their password to a compliant one, the backend fails to update the password-compliance state...

6.9CVSS5.9AI score0.00299EPSS
Exploits0References7
Rows per page
Query Builder