6 matches found
CVE-2026-56314
Capgo before 12.128.12 fails to filter deleted app versions when joining channels during /updates resolution, allowing deleted bundles to remain selectable. Attackers can continue deploying deleted bundles to devices by exploiting the missing appversions.deleted filter in channel version joins...
CVE-2026-56314
Capgo before 12.128.12 fails to filter deleted app versions when joining channels during /updates resolution, allowing deleted bundles to remain selectable. Attackers can continue deploying deleted bundles to devices by exploiting the missing appversions.deleted filter in channel version joins...
CVE-2026-56314 Capgo - Deleted Bundle Selection via Missing Deletion Filter in /updates Endpoint
Capgo before 12.128.12 fails to filter deleted app versions when joining channels during /updates resolution, allowing deleted bundles to remain selectable. Attackers can continue deploying deleted bundles to devices by exploiting the missing appversions.deleted filter in channel version joins...
CVE-2026-56314
Capgo before 12.128.12 has a flaw in /updates resolution: it does not filter deleted app versions when joining channels, so deleted bundles may remain selectable. This enables attackers to continue deploying deleted bundles to devices via channel version joins due to missing app_versions.deleted ...
EUVD-2026-38371
Capgo before 12.128.12 fails to filter deleted app versions when joining channels during /updates resolution, allowing deleted bundles to remain selectable. Attackers can continue deploying deleted bundles to devices by exploiting the missing appversions.deleted filter in channel version joins...
PT-2026-51409
Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.12 Description The software fails to filter deleted app versions when joining channels during the resolution of the '/updates' endpoint. This occurs due to a missing app versions.deleted filter in channel version...