CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-56293

mediumCVSS 5.4covered by 1 sourcefirst seen 2026-07-08
Capgo before 12.128.2 contains an authorization flaw in transfer_app() that fails to update deploy_history.owner_org when transferring applications between organizations. Attackers can exploit this omission to retain unauthorized access to deployment history records in the source organization or cause the destination organization to lose access to transferred application deployment records.

⚡ Watch CVE-2026-56293

Get an email if CVE-2026-56293 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (1)

External references

NVD record for CVE-2026-56293

CVE.org record

Embed the live status

CVE-2026-56293 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-56293 status](https://www.csirts.com/badge/CVE-2026-56293)](https://www.csirts.com/cve/CVE-2026-56293)