CVE-2026-56216

hype MIXED · 52 hack

Fresh advisory with patch, but no KEV, PoC, or in-the-wild signals; mostly alert amplification.

What: Scope escalation in Capgo (versions before 12.128.2) via the POST /functions/v1/apikey endpoint, which allows app-limited API keys to mint unrestricted keys.

Why it matters: Published today (June 20, 2026); rapid social amplification across Twitter and Bluesky within hours. Vendor has released patch (12.128.2), signaling active remediation. No KEV listing, CVSS/EPSS, or public PoC confirmed in metadata, but privilege escalation via API key minting is high-impact if weaponized.

Where it's seen: Alert accounts and infosec news bots (CVEnew, infoflowcloud) amplifying vendor advisory within 1-2 hours of publication. Translation efforts suggest international spread. No defender triage questions or working exploit code observed yet.

RISK: HIGH — Privilege escalation via API key scope allows unrestricted access; vendor patched same day.

Generated by claude-haiku-4-5 from public posts and authoritative metadata. AI can make mistakes — verify against vendor advisories before acting. 6/20/2026, 3:09:40 AM

No NVD details ingested for this CVE yet.