CVE-2026-56233 HIGH

CVE-2026-56233: Capgo - SSRF and Privilege Escalation via Path Traversal in Builder Upload Proxy

Vendor Capgo
Product Capgo
Weakness CWE-22 · Path traversal
Published June 30, 2026
Last update July 1, 2026

CVSS base score

8.7/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Capgo before 12.128.2 contains a path traversal vulnerability in the builder upload proxy that allows authenticated users with build permissions to bypass upload restrictions. Attackers can append traversal sequences to the upload path, which are normalized by the WHATWG URL parser, enabling access to internal administrative endpoints with the privileged BUILDER_API_KEY header and resulting in server-side privilege escalation.

Key dates

02Disclosure timeline

June 30, 2026 CVE published
July 1, 2026 Record updated