Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%
Buy Us a Coffee

CVE-2026-56214— Capgo - Unauthenticated Organization Enumeration and Billing Status Disclosure via Supabase RPC

CVSS 7.5 · High EPSS 0.30% · P22

Possible ATT&CK Techniques 1AI

T1592 · Gather Victim Host Information
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-56214

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Capgo - Unauthenticated Organization Enumeration and Billing Status Disclosure via Supabase RPC
Source: NVD (National Vulnerability Database)
Vulnerability Description
Capgo before 12.128.2 contains an information disclosure vulnerability in Supabase PostgREST RPC endpoints is_trial_org and is_paying_org that allows unauthenticated attackers to enumerate organizations and disclose billing status using the public sb_publishable key. Attackers can invoke these endpoints to determine organization existence via distinguishable return values and identify paying customers for targeted profiling.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
信息暴露
Source: NVD (National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
CapgoCapgo 0 ~ 12.128.2 -

II. Public POCs for CVE-2026-56214

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-56214

登录查看更多情报信息。

Vendor Advisories for CVE-2026-56214 (2)

Same Patch Batch · Capgo · 2026-06-20 · 14 CVEs total

CVE-2026-562168.8 HIGHCapgo - Scope Escalation via API Key Creation in /functions/v1/apikey
CVE-2026-562158.3 HIGHCapgo - Account Merge via Poisoned public.users.email in SSO Provisioning
CVE-2026-562956.3 MEDIUMCapgo - Policy Enforcement Bypass in Webhook Management Endpoints via Non-Expiring API Key
CVE-2026-562275.4 MEDIUMCapgo - Server-Side Request Forgery via Webhook URL Validation
CVE-2026-562135.3 MEDIUMCapgo - Unauthenticated Cross-Tenant Metrics Poisoning via upsert_version_meta RPC
CVE-2026-562825.3 MEDIUMCapgo - Information Disclosure via Unauthenticated /replication Endpoint
CVE-2026-562185.3 MEDIUMCapgo - EXIF Metadata Exposure via Image Upload
CVE-2026-562284.9 MEDIUMCapgo - Denial of Service via Improper Password Policy Length Validation
CVE-2026-563324.7 MEDIUMCapgo - Open Redirect via confirmation_url Parameter
CVE-2026-563194.3 MEDIUMCapgo - App Existence Oracle via GET /statistics/app/:app_id
CVE-2026-562123.8 LOWCapgo - Improper 2FA Enforcement Logic via Team Security Settings
CVE-2026-563303.5 LOWCapgo - Open Redirect via Unvalidated Stripe Billing URLs
CVE-2026-563253.1 LOWCapgo - App ID Confusion via ILIKE Wildcard in Preview Subdomain Lookup

IV. Related Vulnerabilities

Same product: Capgo
Same vendor: Capgo
Same weakness: CWE-200

V. Comments for CVE-2026-56214

No comments yet

Leave a comment