Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
| # | POC Description | Source Link | Shenlong Link |
|---|
| CVE-2026-56241 | 8.3 HIGH | Capgo - RBAC Demotion Privilege Retention via Stale org_users.user_right |
| CVE-2026-56313 | 8.1 HIGH | Capgo - Cross-Organization Account Disruption via SSO Prelink Endpoint |
| CVE-2026-56308 | 7.3 HIGH | Capgo - Insufficient Authentication in Email Change Endpoint |
| CVE-2026-56252 | 5.4 MEDIUM | Capgo - Scope Isolation Failure in Webhook Test Endpoint |
| CVE-2026-56336 | 5.3 MEDIUM | Capgo - Information Disclosure via Unauthenticated SSO check-domain Endpoint |
| CVE-2026-56281 | 3.8 LOW | Capgo - SQL Injection via Unvalidated limit Parameter in Admin Stats Endpoint |
No comments yet