Vulnerability in Capgo

CVE-2026-56305

Capgo before 12.128.2 contains an authentication bypass vulnerability in the password change endpoint that allows attackers to change user passwords without requiring current password confirmation. Attackers with temporary session access c…

CVSS v3 metric

CVSS v3 base score 8.3 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L.

Affected products

  • Capgo — versions 0, 12.128.2

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2026-56305?
CVE-2026-56305 is a high-severity vulnerability in Capgo, classified under CWE-620. CVSS score: 8.3/10. Published 2026-07-10.
How severe is CVE-2026-56305?
High severity. CVSS v3 base score is 8.3 out of 10.