A vulnerability marked as critical has been reported in Cap-go Capgo up to 12.128.11 . Impacted is the function public.users.email of the component SSO Provisioning Endpoint . The manipulation leads to authorization bypass. This vulnerability is traded as CVE-2026-56215 . It is possible to initiate the attack remotely. There is no exploit available. It is suggested to upgrade the affected component.