CVE-2026-53867 – Capgo < 12.128.2 – Orphaned File Retention via Profile Image Replacement

CVE ID :CVE-2026-53867

Published : June 12, 2026, 10:16 p.m. | 1 hour, 7 minutes ago

Description :Capgo before 12.128.2 fails to delete previously uploaded profile images from backend storage when users replace or remove them. Attackers can access orphaned image files through previously generated URLs, allowing unauthorized retrieval of user-uploaded content.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-12068 – Avira Password Manager credential disclosure via cross-origin autofill in Firefox

CVE-2026-54398 – MISP object edit authorization bypass allows unauthorized sharing group assignment

CVE-2026-54095 – Rejected reason: CVE ** REJECT ** DO NOT USE THIS

CVE-2026-53868 – Capgo < 12.128.2 – Denial of Service via Unverified Email Account Registration and Deletion