CVE-2026-12673

UNKNOWN 0.0

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Liquidfiles versions before 4.2.12 are affected by a broken access control vulnerability resulting in privilege escalation from an Admin in a secondary domain to a Sysadmin by modifying a group in their managed secondary (non-default) group.

CWE	CWE-285
Vendor	liquidfiles
Product	liquidfiles
Published	Jun 20, 2026

Stay Ahead of the Next One

Get instant alerts for liquidfiles liquidfiles

Be the first to know when new unknown vulnerabilities affecting liquidfiles liquidfiles are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

liquidfiles / liquidfiles

0 < 4.2.12

References

NVD ↗ CVE.org ↗ EPSS Data ↗

docs.liquidfiles.com: https://docs.liquidfiles.com/release_notes/version_4-2-x.html projectblack.io: https://projectblack.io/blog/liquidfiles-privilege-escalation/