CVE-2026-56218

MEDIUM5.3

Published 2026-06-20 · Updated 2026-06-23 · Source disclosure@vulncheck.com

Description

Capgo before 12.128.2 fails to strip EXIF metadata including GPS geolocation data from uploaded images, allowing information disclosure. Attackers can download uploaded images and extract precise latitude and longitude coordinates revealing user physical location at capture time.

CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-200

References

View on NVD

Related CVEs

Same severity, most recent

CVE-2026-44622
Charging station authentication identifiers are publicly accessible via web-based mapping platforms.
2026-06-25 · score 6.5
CVE-2020-37256
Grav before 1.6.30 contains a cross-site scripting vulnerability in the Admin plugin page editor default security configuration. Privileged users with page editing capabilities can inject malicious scripts to execute arbitrary code and install malicious plugins for system access.
2026-06-25 · score 5.4
CVE-2026-57521
Bitwarden Server before 2026.5.0 contains a broken access control vulnerability that allows any authenticated user to access arbitrary organization billing data by supplying an arbitrary organizationId to the PreviewInvoiceController endpoints without membership or authorization checks. Attackers can exploit the missing ManageOrganizationBillingRequirement on the preview invoice endpoints to retrieve Stripe-computed tax totals, subscription status, and billing details derived from any target organization's real customer and subscription data.
2026-06-25 · score 4.3
CVE-2026-2299
The Mattermost Google Drive plugin before version 1.1.0 fails to validate channel membership in the file creation endpoint, allowing authenticated users with a connected Google account to share Google Drive files to unauthorized private channels and disclose private channel membership.
2026-06-25 · score 4.2
CVE-2026-56789
RTKLIB through 2.4.3 contains a heap buffer overflow vulnerability in the readrnxobsb function in src/rinex.c that allows attackers to trigger memory corruption by failing to clamp satellite count values from RINEX epoch headers. Attackers can craft malicious RINEX files declaring more than 64 satellites per epoch to cause heap buffer overflow writes and out-of-bounds stack reads, crashing RTKLIB-based applications including rnx2rtkp and RTKPOST.
2026-06-25 · score 6.5