โ† ุงู„ุนูˆุฏุฉ ู„ู„ุฌุฏูˆู„
CVE-2026-56214
CVE-2026-56214 - Capgo - Unauthenticated Organization Enumeration and Billing Status Disclosure via Supabase RPC
๐Ÿ“… 2026-06-20 03:14:37
๐ŸŸก Medium ๐Ÿ”ฅ No MITRE CVE High Vulnerability Vulnerability

๐Ÿ“‹ ุงู„ูˆุตู ุงู„ูƒุงู…ู„

CVE ID :CVE-2026-56214 Published : June 20, 2026, 12:14 a.m. | 3ย hours, 19ย minutes ago Description :Capgo before 12.128.2 contains an information disclosure vulnerability in Supabase PostgREST RPC endpoints is_trial_org and is_paying_org that allows unauthenticated attackers to enumerate organizations and disclose billing status using the public sb_publishable key. Attackers can inv

๐Ÿ’ป ุงู„ุฃู†ุธู…ุฉ ุงู„ู…ุชุฃุซุฑุฉ

โš ๏ธ ู†ูˆุน ุงู„ุชู‡ุฏูŠุฏ

Vulnerability

๐Ÿ”— CVE ID

CVE-2026-56214

๐Ÿ“ก ุงู„ู…ุตุฏุฑ

MITRE CVE High

โœ… ุงู„ุญู„ูˆู„ ูˆุงู„ุชุฎููŠู

Refer to CVE-2026-56214 NVD advisory

๐Ÿ”— ุงู„ู…ุตุฏุฑ ุงู„ุฃุตู„ูŠ โ† ๐Ÿ“˜ NVD โ† โšก CISA KEV โ†