What is CVE-2026-56073?

CVE-2026-56073 is a critical-severity vulnerability in Cap-go Capgo, classified under Insufficient Verification of Data Authenticity. CVSS score: 9.4/10. Published 2026-06-19.

How severe is CVE-2026-56073?

Critical severity. CVSS v3 base score is 9.4 out of 10.

Vulnerability in Cap-go Capgo

CVE-2026-56073

Cap-go before 12.128.2 contains an authentication bypass vulnerability in OTP verification that allows attackers to bypass email verification by modifying server responses. Attackers can intercept OTP verification requests and manipulate H…

CVSS v3 metric

CVSS v3 base score 9.4 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L.

Affected products

Cap-go Capgo — versions 0, 12.128.2

Weakness classification (CWE)

CWE-345 — Insufficient Verification of Data Authenticity

References

disclosure@vulncheck.com (vendor-advisory)
disclosure@vulncheck.com (third-party-advisory)

Frequently asked questions

What is CVE-2026-56073?: CVE-2026-56073 is a critical-severity vulnerability in Cap-go Capgo, classified under Insufficient Verification of Data Authenticity. CVSS score: 9.4/10. Published 2026-06-19.
How severe is CVE-2026-56073?: Critical severity. CVSS v3 base score is 9.4 out of 10.