What is CVE-2026-56218?

CVE-2026-56218 is a medium-severity vulnerability in Capgo, classified under Information Disclosure. CVSS score: 5.3/10. Published 2026-06-20.

How severe is CVE-2026-56218?

Medium severity. CVSS v3 base score is 5.3 out of 10.

Information disclosure in Capgo

CVE-2026-56218

Capgo before 12.128.2 fails to strip EXIF metadata including GPS geolocation data from uploaded images, allowing information disclosure. Attackers can download uploaded images and extract precise latitude and longitude coordinates revealin…

Vulnerability class: Information Disclosure

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N.

Affected products

Capgo — versions 0, 12.128.2

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

disclosure@vulncheck.com (vendor-advisory)
disclosure@vulncheck.com (third-party-advisory)

Frequently asked questions

What is CVE-2026-56218?: CVE-2026-56218 is a medium-severity vulnerability in Capgo, classified under Information Disclosure. CVSS score: 5.3/10. Published 2026-06-20.
How severe is CVE-2026-56218?: Medium severity. CVSS v3 base score is 5.3 out of 10.