Stats Digest Feeds
โ† Back to all CVEs

CVE-2026-56286

HIGH NVD
CVSS Score 8.1
Severity HIGH
Published Jun 30, 2026
Vendor unknown

Description

Capgo before 12.128.2 contains an authentication bypass vulnerability in the account deletion endpoint that allows deletion without password re-authentication or secondary verification. Attackers can delete user accounts via session hijacking, CSRF attacks, or parameter tampering, resulting in unauthorized account deletion, data loss, and denial-of-service.

References