π¨ CVE-2026-56286
Capgo before 12.128.2 contains an authentication bypass vulnerability in the account deletion endpoint that allows deletion without password re-authentication or secondary verification. Attackers can delete user accounts via session hijacking, CSRF attacks, or parameter tampering, resulting in unauthorized account deletion, data loss, and denial-of-service.
π@cveNotify
Capgo before 12.128.2 contains an authentication bypass vulnerability in the account deletion endpoint that allows deletion without password re-authentication or secondary verification. Attackers can delete user accounts via session hijacking, CSRF attacks, or parameter tampering, resulting in unauthorized account deletion, data loss, and denial-of-service.
π@cveNotify
GitHub
Bug Report: Account Deletion Without Password Confirmation β No Re-Authentication Required to Delete Account
Bug Report: Account Deletion Without Password Confirmation β No Re-Authentication Required to Delete Account
Reported by: Vikash Gupta
Severity: High
Category: Authentication / Authorization ...
Reported by: Vikash Gupta
Severity: High
Category: Authentication / Authorization ...
π¨ CVE-2026-56300
Capgo before 12.128.2 contains unauthenticated security definer RPC functions get_user_id and get_org_perm_for_apikey that expose API key validity oracles and user UUID disclosure. Unauthenticated attackers using the public API key can validate leaked keys, enumerate users and apps, and determine permission levels, significantly increasing the actionability of compromised credentials.
π@cveNotify
Capgo before 12.128.2 contains unauthenticated security definer RPC functions get_user_id and get_org_perm_for_apikey that expose API key validity oracles and user UUID disclosure. Unauthenticated attackers using the public API key can validate leaked keys, enumerate users and apps, and determine permission levels, significantly increasing the actionability of compromised credentials.
π@cveNotify
GitHub
Unauthenticated Supabase RPCs expose API key validity + user/org permission oracles (get_user_id, get_org_perm_for_apikey)
## Summary
Two Supabase PostgREST RPC functions are **SECURITY DEFINER** and **executable by `anon`**. They allow an unauthenticated caller (using the public `sb_publishable_*` key) to:
- Validat...
Two Supabase PostgREST RPC functions are **SECURITY DEFINER** and **executable by `anon`**. They allow an unauthenticated caller (using the public `sb_publishable_*` key) to:
- Validat...
π¨ CVE-2026-56318
Capgo before 12.128.2 contains an information disclosure vulnerability in the /private/validate_password_compliance endpoint that returns different error responses for malformed, non-existent, and existing organization IDs. Unauthenticated attackers can enumerate valid organization UUIDs by observing response status codes and error messages, allowing confirmation of organization existence.
π@cveNotify
Capgo before 12.128.2 contains an information disclosure vulnerability in the /private/validate_password_compliance endpoint that returns different error responses for malformed, non-existent, and existing organization IDs. Unauthenticated attackers can enumerate valid organization UUIDs by observing response status codes and error messages, allowing confirmation of organization existence.
π@cveNotify
GitHub
Unauthenticated org existence oracle via /private/validate_password_compliance
### Summary
/private/validate_password_compliance returns different errors for malformed vs non-existent vs existing org_id. This lets an unauthenticated user confirm whether an organization UUID ...
/private/validate_password_compliance returns different errors for malformed vs non-existent vs existing org_id. This lets an unauthenticated user confirm whether an organization UUID ...
π¨ CVE-2026-56320
Capgo before 12.128.2 contains an authorization flaw in POST /private/create_device that accepts a caller-supplied org_id parameter without validating it matches the target app's owner organization. Authenticated attackers can create device records for an application using a foreign organization identifier, bypassing the intended org/app authorization boundary.
π@cveNotify
Capgo before 12.128.2 contains an authorization flaw in POST /private/create_device that accepts a caller-supplied org_id parameter without validating it matches the target app's owner organization. Authenticated attackers can create device records for an application using a foreign organization identifier, bypassing the intended org/app authorization boundary.
π@cveNotify
GitHub
Authenticated org/app scope mismatch in /private/create_device allows device creation for an app using a foreign org_id
### Summary
POST /private/create_device accepts a caller-supplied org_id that does not belong to the target app_id, but still authorizes and persists device records for that app.
I confirmed th...
POST /private/create_device accepts a caller-supplied org_id that does not belong to the target app_id, but still authorizes and persists device records for that app.
I confirmed th...
π¨ CVE-2026-56327
Capgo before 12.128.2 contains an information disclosure vulnerability in the public.invite_user_to_org RPC function that allows unauthenticated attackers to enumerate organization existence by observing distinct error responses. Attackers can call the SECURITY DEFINER function with a publishable API key to determine if an organization ID exists based on NO_ORG versus NO_RIGHTS responses, enabling tenant enumeration attacks.
π@cveNotify
Capgo before 12.128.2 contains an information disclosure vulnerability in the public.invite_user_to_org RPC function that allows unauthenticated attackers to enumerate organization existence by observing distinct error responses. Attackers can call the SECURITY DEFINER function with a publishable API key to determine if an organization ID exists based on NO_ORG versus NO_RIGHTS responses, enabling tenant enumeration attacks.
π@cveNotify
GitHub
Unauthenticated org existence oracle via public Supabase RPC public.invite_user_to_org(email, org_id, invite_type) (SECURITY DEFINER)
### Summary
The Supabase PostgREST RPC public.invite_user_to_org(email, org_id, invite_type) is publicly callable with the projectβs sb_publishable_* key and returns distinct results (NO_ORG vs NO...
The Supabase PostgREST RPC public.invite_user_to_org(email, org_id, invite_type) is publicly callable with the projectβs sb_publishable_* key and returns distinct results (NO_ORG vs NO...
π¨ CVE-2026-56328
Capgo before 12.128.2 allows multiple public channels for the same app and platform to coexist simultaneously, while unnamed /updates requests without defaultChannel implicitly resolve to a single hidden winner channel. An authorized app or channel manager can create ambiguous default update state and silently influence which bundle unnamed clients receive, breaking release routing integrity and predictability.
π@cveNotify
Capgo before 12.128.2 allows multiple public channels for the same app and platform to coexist simultaneously, while unnamed /updates requests without defaultChannel implicitly resolve to a single hidden winner channel. An authorized app or channel manager can create ambiguous default update state and silently influence which bundle unnamed clients receive, breaking release routing integrity and predictability.
π@cveNotify
GitHub
Multiple same-platform public channels can coexist, while unnamed /updates selects a single implicit winner
### Summary
Capgo allows multiple `public=true` channels for the same app and same platform to coexist at the same time, but clients calling `/updates` without `defaultChannel` still resolve to ...
Capgo allows multiple `public=true` channels for the same app and same platform to coexist at the same time, but clients calling `/updates` without `defaultChannel` still resolve to ...
π¨ CVE-2026-56333
Capgo before 12.128.2 contains a server-side validation bypass vulnerability in organization security settings that allows authenticated org admins to persist invalid security policy state. Attackers can bypass backend validation by directly updating the public.orgs table from the browser, circumventing field-level validation checks for max_apikey_expiration_days and other security-sensitive configuration parameters.
π@cveNotify
Capgo before 12.128.2 contains a server-side validation bypass vulnerability in organization security settings that allows authenticated org admins to persist invalid security policy state. Attackers can bypass backend validation by directly updating the public.orgs table from the browser, circumventing field-level validation checks for max_apikey_expiration_days and other security-sensitive configuration parameters.
π@cveNotify
GitHub
Authenticated org admin can bypass /organization security-setting validation via direct browser-side public.orgs updates
### Summary
Capgoβs dashboard updates organization security settings directly from the browser against public.orgs, while the official backend /organization endpoint applies stricter server-side v...
Capgoβs dashboard updates organization security settings directly from the browser against public.orgs, while the official backend /organization endpoint applies stricter server-side v...
π¨ CVE-2026-56334
Capgo before 12.128.2 lacks an UPDATE row-level security policy for the build_requests table, preventing API-key and anonymous access from persisting builder status updates. Attackers can exploit this missing policy to cause build status and error details to remain unpersisted, leaving build_requests rows stuck in pending state with null last_error values.
π@cveNotify
Capgo before 12.128.2 lacks an UPDATE row-level security policy for the build_requests table, preventing API-key and anonymous access from persisting builder status updates. Attackers can exploit this missing policy to cause build status and error details to remain unpersisted, leaving build_requests rows stuck in pending state with null last_error values.
π@cveNotify
GitHub
Build status is not persisted to build_requests (stuck pending, last_error never set) due to missing UPDATE RLS policy for APIβ¦
### Summary
/build/status returns the real builder status (failed) but the corresponding build_requests row stays status=pending and last_error=null. This prevents the dashboard from showing cor...
/build/status returns the real builder status (failed) but the corresponding build_requests row stays status=pending and last_error=null. This prevents the dashboard from showing cor...
π¨ CVE-2026-56350
n8n before 2.8.0 contains an authentication bypass vulnerability allowing authenticated SSO users to disable SSO enforcement through the API. Attackers can create local password credentials to authenticate directly, bypassing organizational SSO policies and identity-provider-enforced multi-factor authentication.
π@cveNotify
n8n before 2.8.0 contains an authentication bypass vulnerability allowing authenticated SSO users to disable SSO enforcement through the API. Attackers can create local password credentials to authenticate directly, bypassing organizational SSO policies and identity-provider-enforced multi-factor authentication.
π@cveNotify
GitHub
SSO Enforcement Bypass
## Impact
An authenticated user signed in through Single Sign-On (SSO) could disable SSO enforcement for their own account through the n8n API. This allowed the user to create a local password and...
An authenticated user signed in through Single Sign-On (SSO) could disable SSO enforcement for their own account through the n8n API. This allowed the user to create a local password and...
π¨ CVE-2026-56356
n8n contains a stored cross-site scripting vulnerability in the Chat Trigger node's Custom CSS field due to a misconfiguration of the sanitize-html library. Affected releases are those before 1.123.27, the 2.0.0 through 2.13.2 line, and 2.14.0 (fixed in 1.123.27, 2.13.3, and 2.14.1). An authenticated user with permission to create or modify workflows can inject JavaScript that bypasses sanitization, resulting in stored XSS against any user who visits the public chat page.
π@cveNotify
n8n contains a stored cross-site scripting vulnerability in the Chat Trigger node's Custom CSS field due to a misconfiguration of the sanitize-html library. Affected releases are those before 1.123.27, the 2.0.0 through 2.13.2 line, and 2.14.0 (fixed in 1.123.27, 2.13.3, and 2.14.1). An authenticated user with permission to create or modify workflows can inject JavaScript that bypasses sanitization, resulting in stored XSS against any user who visits the public chat page.
π@cveNotify
GitHub
XSS in Chat Trigger Node via Custom CSS
## Impact
An authenticated user with permission to create or modify workflows could inject malicious JavaScript into the Custom CSS field of the Chat Trigger node. Due to a misconfiguration in the ...
An authenticated user with permission to create or modify workflows could inject malicious JavaScript into the Custom CSS field of the Chat Trigger node. Due to a misconfiguration in the ...
π¨ CVE-2026-56361
ImageMagick before 7.1.2-19 contains an off-by-one error in morphology validation allowing out-of-bounds heap buffer reads. Attackers can trigger heap buffer overflow by providing incorrect morphology parameters causing single pixel memory access violations.
π@cveNotify
ImageMagick before 7.1.2-19 contains an off-by-one error in morphology validation allowing out-of-bounds heap buffer reads. Attackers can trigger heap buffer overflow by providing incorrect morphology parameters causing single pixel memory access violations.
π@cveNotify
GitHub
Off-by-one origin validation in allows out-of-bounds read in morphology processing
An incorrect morphology would allow an out of bounds read of a single pixel.
```
==1200284==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5100000002d0 at pc 0x59e28e60c27a bp 0x7ff...
```
==1200284==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5100000002d0 at pc 0x59e28e60c27a bp 0x7ff...
π¨ CVE-2026-56363
ImageMagick before 7.1.2-22 contains a division by zero vulnerability in binomial kernel processing that allows attackers to cause denial of service. An attacker can supply a large binomial kernel value causing integer overflow, resulting in division by zero and application crash.
π@cveNotify
ImageMagick before 7.1.2-22 contains a division by zero vulnerability in binomial kernel processing that allows attackers to cause denial of service. An attacker can supply a large binomial kernel value causing integer overflow, resulting in division by zero and application crash.
π@cveNotify
GitHub
Division by Zero in binomial kernel
An user supplied large binomial kernel could result in an overflow that would lead to a division by zero.
π¨ CVE-2026-56364
ImageMagick before 7.1.2-13 contains a memory leak vulnerability in LoadOpenCLDeviceBenchmark() function when parsing malformed OpenCL device profile XML files with unclosed device elements. Attackers with write access to the OpenCL cache directory can place malicious XML files to exhaust memory and cause denial of service.
π@cveNotify
ImageMagick before 7.1.2-13 contains a memory leak vulnerability in LoadOpenCLDeviceBenchmark() function when parsing malformed OpenCL device profile XML files with unclosed device elements. Attackers with write access to the OpenCL cache directory can place malicious XML files to exhaust memory and cause denial of service.
π@cveNotify
GitHub
Moved permissions block in the workflows. Β· ImageMagick/ImageMagick@a52c1b4
ImageMagick is a free, open-source software suite for creating, editing, converting, and displaying images. It supports 200+ formats and offers powerful command-line tools and APIs for automation, scripting, and integration across platforms. - Moved permissionsβ¦
π¨ CVE-2026-56365
ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure condition to exhaust memory resources and cause denial of service.
π@cveNotify
ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure condition to exhaust memory resources and cause denial of service.
π@cveNotify
GitHub
Memory leak in PNG encoder when writing a MNG image
When the PNG encoder fails to write an MNG image it can leak memory.
π¨ CVE-2026-56369
ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers can exploit nonce reuse in the cipher implementation to recover plaintext information from encrypted images.
π@cveNotify
ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers can exploit nonce reuse in the cipher implementation to recover plaintext information from encrypted images.
π@cveNotify
GitHub
Information Disclosure in PasskeyEncipherImage via AES-CTR nonce reuse
The PasskeyEncipherImage method is vulnerable to information disclosure via AES-CTR nonce reuse . We have update the documentation on our website to make it more clear that this is happening: https...
π¨ CVE-2026-56377
ImageMagick before 7.1.2-24 contains an incorrect policy check that allows attackers to create or truncate files disallowed by security policies. Remote attackers can bypass path policy restrictions in sandboxed conversion services to write arbitrary files outside intended boundaries.
π@cveNotify
ImageMagick before 7.1.2-24 contains an incorrect policy check that allows attackers to create or truncate files disallowed by security policies. Remote attackers can bypass path policy restrictions in sandboxed conversion services to write arbitrary files outside intended boundaries.
π@cveNotify
GitHub
Policy Bypass can create or truncate files
An incorrect check can cause the creation or truncate of a file that is disallowed by the security policy.relevant for sandboxed conversion services that use ImageMagick path policies as part of th...
π¨ CVE-2026-56399
Open WebUI before 0.6.27 contains a server-side request forgery vulnerability in the /api/v1/retrieval/process/web endpoint that allows authenticated users to bypass SSRF protections. Attackers can manipulate URL parameters with location redirect headers to access internal services and potentially execute commands via instance secrets.
π@cveNotify
Open WebUI before 0.6.27 contains a server-side request forgery vulnerability in the /api/v1/retrieval/process/web endpoint that allows authenticated users to bypass SSRF protections. Attackers can manipulate URL parameters with location redirect headers to access internal services and potentially execute commands via instance secrets.
π@cveNotify
GitHub
feat/security: Add SSRF protection with configurable blocklist Β· open-webui/open-webui@02238d3
Co-Authored-By: Classic298 <27028174+Classic298@users.noreply.github.com>
π¨ CVE-2026-56413
Storage Concentrator (SC & SCVM) contains a command injection vulnerability in the ms_service.pl service, which listens on TCP port 9000 by default and accepts custom network packets to perform device actions. An unauthenticated remote attacker can send a specially crafted packet containing a malicious payload that is processed without adequate sanitization, resulting in arbitrary command execution with root-level privileges.
π@cveNotify
Storage Concentrator (SC & SCVM) contains a command injection vulnerability in the ms_service.pl service, which listens on TCP port 9000 by default and accepts custom network packets to perform device actions. An unauthenticated remote attacker can send a specially crafted packet containing a malicious payload that is processed without adequate sanitization, resulting in arbitrary command execution with root-level privileges.
π@cveNotify
π¨ CVE-2026-56415
Storage Concentrator (SC & SCVM) contains a command injection vulnerability within the debug.pl script that is reachable without authentication. A remote attacker can submit a specially crafted HTTP request containing a malicious payload that is processed without adequate input sanitization, resulting in arbitrary command execution with root-level privileges on the underlying system.
π@cveNotify
Storage Concentrator (SC & SCVM) contains a command injection vulnerability within the debug.pl script that is reachable without authentication. A remote attacker can submit a specially crafted HTTP request containing a malicious payload that is processed without adequate input sanitization, resulting in arbitrary command execution with root-level privileges on the underlying system.
π@cveNotify
π¨ CVE-2026-56700
Grav CMS before 2.0.0-beta.2 contains multiple code-execution vulnerabilities. Three unsafe unserialize() calls - in Scheduler\JobQueue, Framework\Cache\Adapter\FileCache, and Session - deserialize untrusted data without restricting allowed classes, enabling PHP object injection and, via a gadget chain, arbitrary code execution where an attacker controls the serialized input. Additionally, InstallCommand's git clone operation passes the branch, url, and path parameters into a shell command without escaping, allowing OS command injection via plugin/theme installation (which requires admin access). A Twig security blocklist bypass (server-side template injection) is also present. The issues are fixed in 2.0.0-beta.2.
π@cveNotify
Grav CMS before 2.0.0-beta.2 contains multiple code-execution vulnerabilities. Three unsafe unserialize() calls - in Scheduler\JobQueue, Framework\Cache\Adapter\FileCache, and Session - deserialize untrusted data without restricting allowed classes, enabling PHP object injection and, via a gadget chain, arbitrary code execution where an attacker controls the serialized input. Additionally, InstallCommand's git clone operation passes the branch, url, and path parameters into a shell command without escaping, allowing OS command injection via plugin/theme installation (which requires admin access). A Twig security blocklist bypass (server-side template injection) is also present. The issues are fixed in 2.0.0-beta.2.
π@cveNotify
GitHub
Multiple RCE vectors: unsafe unserialize (x3), command injection in git clone, SSTI blocklist bypass (CWE-502, CWE-78, CWE-1336)
Hi,
I found multiple RCE vectors in Grav CMS. Three are critical, two are high.
**1. Unsafe unserialize() in JobQueue β direct RCE gadget (Critical)**
`system/src/Grav/Common/Scheduler/Job...
I found multiple RCE vectors in Grav CMS. Three are critical, two are high.
**1. Unsafe unserialize() in JobQueue β direct RCE gadget (Critical)**
`system/src/Grav/Common/Scheduler/Job...
π¨ CVE-2026-56777
n8n before 2.25.7 and 2.26.x before 2.26.2 contains an abstract syntax tree (AST) security validator bypass in the Python Code node. An authenticated user with permission to create or modify workflows containing a Python Code node can bypass the validator and access the task executor module namespace. The issue only affects self-hosted instances where the Python Task Runner is enabled; where N8N_BLOCK_RUNNER_ENV_ACCESS is configured to allow it, this can disclose environment variables accessible to the task runner process.
π@cveNotify
n8n before 2.25.7 and 2.26.x before 2.26.2 contains an abstract syntax tree (AST) security validator bypass in the Python Code node. An authenticated user with permission to create or modify workflows containing a Python Code node can bypass the validator and access the task executor module namespace. The issue only affects self-hosted instances where the Python Task Runner is enabled; where N8N_BLOCK_RUNNER_ENV_ACCESS is configured to allow it, this can disclose environment variables accessible to the task runner process.
π@cveNotify
GitHub
Python Code Node AST Validator Bypass
## Impact
An authenticated user with permission to create or modify workflows containing a Python Code node could bypass the AST security validator and access the task executor module namespace. On...
An authenticated user with permission to create or modify workflows containing a Python Code node could bypass the AST security validator and access the task executor module namespace. On...