CVE-2026-56255— Capgo - Denial of Service via Unlimited Demo App Creation
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-56255
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Capgo - Denial of Service via Unlimited Demo App Creation
Source: NVD (National Vulnerability Database)
Vulnerability Description
Capgo before 12.128.2 contains a denial of service vulnerability in the POST /app/demo endpoint that allows authenticated users with org write permissions to create unlimited demo applications without rate limiting or quota enforcement. Attackers can repeatedly invoke this endpoint to generate approximately 138 database write operations per request, causing degraded performance, increased costs, and potential service instability.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
不加限制或调节的资源分配
Source: NVD (National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-56255
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-56255
请登录查看更多情报信息。
Vendor Advisories for CVE-2026-56255 (1)
Other References for CVE-2026-56255 (1)
Same Patch Batch · Capgo · 2026-06-22 · 7 CVEs total
| CVE-2026-56324 | 8.2 HIGH | Capgo - Rate Limit Bypass via User-Controlled device_id Parameter |
| CVE-2026-56323 | 7.5 HIGH | Capgo - Unauthenticated Channel Enumeration and App Oracle via GET /channel_self |
| CVE-2026-56314 | 7.1 HIGH | Capgo - Deleted Bundle Selection via Missing Deletion Filter in /updates Endpoint |
| CVE-2026-56306 | 6.4 MEDIUM | Capgo - Subkey Enforcement Bypass via x-limited-key-id Header Parsing |
| CVE-2026-56311 | 5.3 MEDIUM | Capgo - Unauthenticated Cross-Tenant Disclosure via get_current_plan_max_org RPC |
| CVE-2026-56321 | 5.3 MEDIUM | Capgo - Missing Authentication Middleware on GET /private/role_bindings Endpoint |
IV. Related Vulnerabilities
Same product: Capgo
- CVE-2026-56337
Capgo - Information Disclosure via Unauthenticated RPC Funct - CVE-2026-56338
Capgo - Denial of Service in 2FA Email Verification via /aut - CVE-2026-56310
Cap-go - Authorization Bypass in Organization Members Endpoi - CVE-2026-56302
Capgo - Unsecured Supabase Images Bucket via Missing Row Lev - CVE-2026-56257
Capgo - Authorization Bypass in App Ownership Transfer via D
Same vendor: Capgo
- CVE-2026-56337
Capgo - Information Disclosure via Unauthenticated RPC Funct - CVE-2026-56338
Capgo - Denial of Service in 2FA Email Verification via /aut - CVE-2026-56302
Capgo - Unsecured Supabase Images Bucket via Missing Row Lev - CVE-2026-56257
Capgo - Authorization Bypass in App Ownership Transfer via D - CVE-2026-56256
Capgo - Two-Factor Authentication Bypass via Organization Ma
Same weakness: CWE-770
- CVE-2025-32394
AutoGPT: There is a DoS vulnerability in AITextSummarizerBlo - CVE-2025-32423
AutoGPT: There is a DoS vulnerability in ExtractTextInformat - CVE-2026-13322
Kubevirt: virt-handler-rhel9: kubevirt: unbounded virtio-ser - CVE-2026-54448
Trivy: Helm chart tar bomb causes OOM via unbounded io.ReadA - CVE-2026-54024
LibreChat: Incomplete Fix for CVE-2024-11171 — Conversation
V. Comments for CVE-2026-56255
No comments yet