Lucene search
K

11 matches found

NVD
NVD
added 2026/06/21 2:16 p.m.12 views

CVE-2026-56299

Capgo before 12.128.2 contains an authentication bypass vulnerability in the /build/upload/:jobId/ endpoint that allows unauthenticated attackers to trigger consistent 500 errors. Remote attackers can send OPTIONS requests to bypass authentication middleware and invoke tusProxy logic with invalid...

6.9CVSS0.00391EPSS
Exploits0References2
NVD
NVD
added 2026/06/21 2:16 p.m.10 views

CVE-2026-56316

Cap-go before 12.128.2 contains an information disclosure vulnerability in the OPTIONS /build/upload/:jobId/ endpoint that allows unauthenticated attackers to enumerate valid builder job IDs through observable response discrepancies. Attackers can probe the endpoint without authentication to...

6.9CVSS0.00241EPSS
Exploits0References2
CVE
CVE
added 2026/06/21 1:26 p.m.14 views

CVE-2026-56316

Cap-go before 12.128.2 contains an information disclosure vulnerability in the OPTIONS /build/upload/:jobId/* endpoint that allows unauthenticated attackers to enumerate valid builder job IDs by observing response discrepancies. Attackers can probe without authentication to distinguish valid job ...

6.9CVSS5.9AI score0.00241EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/21 1:26 p.m.4 views

CVE-2026-56316

Cap-go before 12.128.2 contains an information disclosure vulnerability in the OPTIONS /build/upload/:jobId/ endpoint that allows unauthenticated attackers to enumerate valid builder job IDs through observable response discrepancies. Attackers can probe the endpoint without authentication to...

6.9CVSS5.9AI score0.00241EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/21 1:26 p.m.7 views

EUVD-2026-38172

Cap-go before 12.128.2 contains an information disclosure vulnerability in the OPTIONS /build/upload/:jobId/ endpoint that allows unauthenticated attackers to enumerate valid builder job IDs through observable response discrepancies. Attackers can probe the endpoint without authentication to...

6.9CVSS5.9AI score0.00241EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/21 1:26 p.m.30 views

CVE-2026-56316 Cap-go - Job Existence Oracle via Unauthenticated OPTIONS /build/upload/:jobId/*

Cap-go before 12.128.2 contains an information disclosure vulnerability in the OPTIONS /build/upload/:jobId/ endpoint that allows unauthenticated attackers to enumerate valid builder job IDs through observable response discrepancies. Attackers can probe the endpoint without authentication to...

6.9CVSS0.00241EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/21 1:26 p.m.28 views

CVE-2026-56299 Capgo - Denial of Service via Unauthenticated OPTIONS Request to /build/upload Endpoint

Capgo before 12.128.2 contains an authentication bypass vulnerability in the /build/upload/:jobId/ endpoint that allows unauthenticated attackers to trigger consistent 500 errors. Remote attackers can send OPTIONS requests to bypass authentication middleware and invoke tusProxy logic with invalid...

6.9CVSS0.00391EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/21 1:26 p.m.5 views

CVE-2026-56299

Capgo before 12.128.2 contains an authentication bypass vulnerability in the /build/upload/:jobId/ endpoint that allows unauthenticated attackers to trigger consistent 500 errors. Remote attackers can send OPTIONS requests to bypass authentication middleware and invoke tusProxy logic with invalid...

6.9CVSS5.9AI score0.00391EPSS
Exploits0References3
CVE
CVE
added 2026/06/21 1:26 p.m.14 views

CVE-2026-56299

CVE-2026-56299 (Capgo) affects Capgo prior to 12.128.2. An authentication bypass in the /build/upload/:jobId/* endpoint allows unauthenticated remote attackers to trigger repeated 500 errors by sending OPTIONS requests, bypassing authentication middleware and invoking tusProxy logic with invalid ...

6.9CVSS5.9AI score0.00391EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/21 12:0 a.m.10 views

PT-2026-51226

Name of the Vulnerable Software and Affected Versions Cap-go versions prior to 12.128.2 Description An information disclosure issue exists in the 'OPTIONS /build/upload/:jobId/' endpoint. Unauthenticated attackers can enumerate valid builder job IDs by observing response discrepancies. This allow...

6.9CVSS5.8AI score0.00241EPSS
Exploits0References7
Citrix
Citrix
added 2019/01/11 12:0 a.m.8 views

Citrix ADM: Upgrade of ADC from ADM fails after exactly 30 mins

When you check the 'Execution history' of the upgrade, you will find Build upload through SCP to ADC failing at exactly 30 mins...

7.1AI score
Exploits0
Rows per page
Query Builder