A vulnerability was found in Capgo up to 12.128.1. It has been classified as critical. Affected by this issue is the function public.get_org_user_access_rbac of the component PostgREST RPC Endpoint. Performing a manipulation results in improper authentication.

This vulnerability is reported as CVE-2026-56219. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is recommended.