A vulnerability identified as critical has been detected in Capgo up to 12.128.1. Impacted is an unknown function of the file /webhooks/test of the component Scope Isolation. The manipulation of the argument api_key leads to improper authorization.

This vulnerability is referenced as CVE-2026-56252. Remote exploitation of the attack is possible. No exploit is available.