Stats Digest Feeds
โ† Back to all CVEs

CVE-2026-56334

MEDIUM NVD
CVSS Score 4.3
Severity MEDIUM
Published Jun 30, 2026
Vendor unknown

Description

Capgo before 12.128.2 lacks an UPDATE row-level security policy for the build_requests table, preventing API-key and anonymous access from persisting builder status updates. Attackers can exploit this missing policy to cause build status and error details to remain unpersisted, leaving build_requests rows stuck in pending state with null last_error values.

References