CVE search
366,359 resultsCVE-2026-56334MEDIUMCapgo - Missing UPDATE RLS Policy for Build Status PersistenceEPSS 0.2%CVE-2026-56333MEDIUMCapgo - Server-Side Validation Bypass via Direct Browser-Side Organization Security Settings UpdatesEPSS 0.2%CVE-2026-56331MEDIUMCapgo - Improper Error Handling in Accept Invitation Endpoint via Invalid Magic StringEPSS 0.3%CVE-2026-56328HIGHCapgo - Integrity Issue in Release Routing via Multiple Public ChannelsEPSS 0.2%CVE-2026-56327MEDIUMCapgo - Unauthenticated Organization Existence Oracle via public.invite_user_to_org RPCEPSS 0.3%CVE-2026-56320HIGHCapgo - Org/App Scope Mismatch in Device Creation EndpointEPSS 0.2%CVE-2026-56318MEDIUMCapgo - Information Disclosure via /private/validate_password_compliance EndpointEPSS 0.3%CVE-2026-56300HIGHCapgo - Unauthenticated API Key Validity and Permission Oracle via RPC FunctionsEPSS 0.3%CVE-2026-56286HIGHCapgo - Account Deletion Without Password ConfirmationEPSS 0.4%CVE-2026-56278CRITICALFlowise - Session Hijacking via Weak Default Express Session SecretEPSS 0.4%CVE-2026-56277MEDIUMFlowise - Hardcoded CORS Wildcard in TTS EndpointEPSS 0.1%CVE-2026-56264CRITICALCrawl4AI - Arbitrary JavaScript Execution via /execute_js EndpointEPSS 0.3%CVE-2026-56249HIGHCapgo - Unauthorized Channel Overwrite and Ownership Takeover via POST /channel Name CollisionEPSS 0.3%CVE-2026-56247HIGHCapgo - Privilege Escalation via Cross-Scope RBAC Role AssignmentEPSS 0.3%CVE-2026-56233HIGHCapgo - SSRF and Privilege Escalation via Path Traversal in Builder Upload ProxyEPSS 0.5%CVE-2026-56230HIGHCapgo - Broken Object Level Authorization via x-limited-key-id HeaderEPSS 0.3%CVE-2026-56224MEDIUMCapgo - Login CSRF and Session Fixation via URL Query ParametersEPSS 0.2%CVE-2026-56219HIGHCapgo - Unauthenticated RBAC Bindings and Email Disclosure via get_org_user_access_rbac NULL-auth BypassEPSS 0.3%CVE-2025-71381MEDIUMHono - Vary Header Injection in CORS MiddlewareEPSS 0.3%CVE-2025-71374HIGHpicklescan - Arbitrary Code Execution via Undetected profile.Profile.runEPSS 0.6%