What is CVE-2026-56236?

CVE-2026-56236 is a medium-severity vulnerability in Capgo Cli, classified under Improper Link Resolution Before File Access. CVSS score: 6.1/10. Published 2026-06-21.

How severe is CVE-2026-56236?

Medium severity. CVSS v3 base score is 6.1 out of 10.

Vulnerability in Capgo Cli

CVE-2026-56236

Capgo CLI before 12.128.2 contains arbitrary file overwrite vulnerabilities in login and build credentials operations that follow symlinks without validation. Attackers can create malicious symlinks in repositories to overwrite arbitrary f…

CVSS v3 metric

CVSS v3 base score 6.1 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N.

Affected products

Capgo Cli — versions 0, 12.128.2

Weakness classification (CWE)

CWE-59 — Improper Link Resolution Before File Access

References

disclosure@vulncheck.com (vendor-advisory)
disclosure@vulncheck.com (third-party-advisory)

Frequently asked questions

What is CVE-2026-56236?: CVE-2026-56236 is a medium-severity vulnerability in Capgo Cli, classified under Improper Link Resolution Before File Access. CVSS score: 6.1/10. Published 2026-06-21.
How severe is CVE-2026-56236?: Medium severity. CVSS v3 base score is 6.1 out of 10.