CVE Catalog

CVE-2026-56223

HighCVSS 8.7
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.24%

15th percentile — higher than 15% of all known CVEs

Summary

Capgo before version 12.128.2 contains a cross-domain SSO account takeover vulnerability in the provision-user endpoint that allows attackers to merge arbitrary victim accounts based on email match without validating SSO provider domain authorization.

Risk Assessment

An attacker with enterprise org admin access can exploit this vulnerability to gain full access to victim accounts, organizations, and data, posing a serious threat to data security.

Recommendation

It is recommended to upgrade to Capgo version 12.128.2 or later and implement additional domain authorization validation mechanisms for the SSO provider.

Original NVD description (English source)

Capgo before 12.128.2 contains a cross-domain SSO account takeover vulnerability in the provision-user endpoint that allows attackers to merge arbitrary victim accounts based on email match without validating SSO provider domain authorization. An attacker with enterprise org admin access and a malicious IdP can forge SAML assertions containing victim email addresses to trigger account merge and gain full access to victim accounts, organizations, and data.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS