3 matches found
CVE-2026-56079
Capgo before 12.128.2 contains a cross-tenant authorization bypass in PostgREST endpoints that lets org-scoped read API keys access other tenants’ webhook secrets and delivery logs. Attackers can query webhooks and webhook_deliveries to exfiltrate HMAC signing secrets and delivery payloads, enabl...
PT-2026-51037
Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description A cross-tenant authorization bypass exists in PostgREST endpoints. This issue allows API keys with organization-level read permissions to access webhook secrets and delivery logs belonging to other...
PT-2024-31597 · Unknown · Computer Vision Annotation Tool
Name of the Vulnerable Software and Affected Versions: Computer Vision Annotation Tool CVAT versions prior to 2.18.0 Description: The Computer Vision Annotation Tool CVAT is an interactive video and image annotation tool for computer vision. An attacker with a CVAT account can access webhook...