CVE-2026-56299— Capgo - Denial of Service via Unauthenticated OPTIONS Request to /build/upload Endpoint
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-56299
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Capgo - Denial of Service via Unauthenticated OPTIONS Request to /build/upload Endpoint
Source: NVD (National Vulnerability Database)
Vulnerability Description
Capgo before 12.128.2 contains an authentication bypass vulnerability in the /build/upload/:jobId/* endpoint that allows unauthenticated attackers to trigger consistent 500 errors. Remote attackers can send OPTIONS requests to bypass authentication middleware and invoke tusProxy logic with invalid credentials, enabling trivial request flooding and denial of service.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
关键功能的认证机制缺失
Source: NVD (National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-56299
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-56299
请登录查看更多情报信息。
Vendor Advisories for CVE-2026-56299 (1)
Other References for CVE-2026-56299 (1)
Same Patch Batch · Capgo · 2026-06-21 · 7 CVEs total
| CVE-2026-56239 | 7.6 HIGH | Capgo - Privilege Escalation via SECURITY DEFINER Function apply_usage_overage |
| CVE-2026-56242 | 7.5 HIGH | Capgo - Unauthenticated API Key Validity Oracle and User Identity Disclosure via get_ident |
| CVE-2026-56253 | 7.5 HIGH | Capgo - Unauthenticated Organization Member Email Disclosure via get_org_members RPC |
| CVE-2026-56229 | 6.5 MEDIUM | Capgo - Cross-App Build Job Access via app_id/job_id Mismatch in /build/status and /build/ |
| CVE-2026-56251 | 6.5 MEDIUM | Capgo - Privilege Escalation via Broken Row Level Security in org_users |
| CVE-2026-56236 | 6.1 MEDIUM | Capgo CLI - Arbitrary File Overwrite via Symlink-Following in Local Credential Operations |
IV. Related Vulnerabilities
Same product: Capgo
- CVE-2026-56337
Capgo - Information Disclosure via Unauthenticated RPC Funct - CVE-2026-56338
Capgo - Denial of Service in 2FA Email Verification via /aut - CVE-2026-56310
Cap-go - Authorization Bypass in Organization Members Endpoi - CVE-2026-56302
Capgo - Unsecured Supabase Images Bucket via Missing Row Lev - CVE-2026-56257
Capgo - Authorization Bypass in App Ownership Transfer via D
Same vendor: Capgo
- CVE-2026-56337
Capgo - Information Disclosure via Unauthenticated RPC Funct - CVE-2026-56338
Capgo - Denial of Service in 2FA Email Verification via /aut - CVE-2026-56302
Capgo - Unsecured Supabase Images Bucket via Missing Row Lev - CVE-2026-56257
Capgo - Authorization Bypass in App Ownership Transfer via D - CVE-2026-56256
Capgo - Two-Factor Authentication Bypass via Organization Ma
Same weakness: CWE-306
- CVE-2026-13325
Virt-handler-rhel9: kubevirt: kubevirt: disabletls migration - CVE-2026-43920
FOSSBilling: Unauthenticated update patcher endpoint allows - CVE-2025-71327
Flowise - Authentication Bypass via Unprotected Registration - CVE-2026-40702
EVoke Systems EVoke CSMS Missing Authentication for Critical - CVE-2026-54040
LibreChat: 2FA Backup Code Regeneration Without OTP Verifica
V. Comments for CVE-2026-56299
No comments yet