CVE-2026-56236

MEDIUM 6.1

Capgo CLI - Arbitrary File Overwrite via Symlink-Following in Local Credential Operations

CVSS Score

6.1

EPSS Score

0.0%

EPSS Percentile

0th

Capgo CLI before 12.128.2 contains arbitrary file overwrite vulnerabilities in login and build credentials operations that follow symlinks without validation. Attackers can create malicious symlinks in repositories to overwrite arbitrary files or expose credentials with world-readable permissions when developers run the CLI.

CWE	CWE-59
Vendor	capgo
Product	cli
Published	Jun 21, 2026

Stay Ahead of the Next One

Get instant alerts for capgo cli

Be the first to know when new medium vulnerabilities affecting capgo cli are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

Low

Integrity

High

Availability

None

Affected Versions

capgo / cli

0 < 12.128.2

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/Cap-go/capgo/security/advisories/GHSA-8mpm-q7mh-8fvh vulncheck.com: https://www.vulncheck.com/advisories/capgo-cli-arbitrary-file-overwrite-via-symlink-following-in-local-credential-operations

Credits

🔍 Judel777