A vulnerability was found in Capgo up to 12.128.1. It has been classified as critical. Affected by this issue is the function
public.get_org_user_access_rbac of the component PostgREST RPC Endpoint. Performing a manipulation results in improper authentication.
This vulnerability is reported as CVE-2026-56219. The attack is possible to be carried out remotely. No exploit exists.
Upgrading the affected component is recommended.