← Back
2026-06-20 15:24CVE-2026-56282VulnCheck
PUBLISHED5.2CWE-200

Capgo - Information Disclosure via Unauthenticated /replication Endpoint

Capgo before 12.128.2 contains an information disclosure vulnerability in the unauthenticated /replication endpoint that exposes internal PostgreSQL replication telemetry including slot names and WAL LSN positions. Attackers can access this endpoint without authentication to retrieve sensitive infrastructure details such as replication slot names, confirmed_flush_lsn, restart_lsn values, and database error messages for reconnaissance purposes.

Problem type

Affected products

Capgo

Capgo

< 12.128.2 - AFFECTED

12.128.2 - UNAFFECTED

References

GHSA Advisory GHSA-q6gm-xfwr-44f5

https://github.com/Cap-go/capgo/security/advisories/GHSA-q6gm-xfwr-44f5

vendor-advisory
VulnCheck Advisory: Capgo - Information Disclosure via Unauthenticated /replication Endpoint

https://www.vulncheck.com/advisories/capgo-information-disclosure-via-unauthenticated-replication-endpoint

third-party-advisory

GitHub Security Advisories

GHSA-6fvp-3fgp-7pvf

Capgo before 12.128.2 contains an information disclosure vulnerability in the unauthenticated ...

https://github.com/advisories/GHSA-6fvp-3fgp-7pvf

Capgo before 12.128.2 contains an information disclosure vulnerability in the unauthenticated /replication endpoint that exposes internal PostgreSQL replication telemetry including slot names and WAL LSN positions. Attackers can access this endpoint without authentication to retrieve sensitive infrastructure details such as replication slot names, confirmed_flush_lsn, restart_lsn values, and database error messages for reconnaissance purposes.

github.com

https://github.com/Cap-go/capgo/security/advisories/GHSA-q6gm-xfwr-44f5

nvd.nist.gov

https://nvd.nist.gov/vuln/detail/CVE-2026-56282

vulncheck.com

https://www.vulncheck.com/advisories/capgo-information-disclosure-via-unauthenticated-replication-endpoint

github.com

https://github.com/advisories/GHSA-6fvp-3fgp-7pvf

JSON source

https://cveawg.mitre.org/api/cve/CVE-2026-56282
Click to expand
{
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "cveMetadata": {
    "cveId": "CVE-2026-56282",
    "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
    "assignerShortName": "VulnCheck",
    "dateUpdated": "2026-06-20T15:24:44.716Z",
    "dateReserved": "2026-06-20T01:51:24.919Z",
    "datePublished": "2026-06-20T15:24:44.716Z",
    "state": "PUBLISHED"
  },
  "containers": {
    "cna": {
      "providerMetadata": {
        "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "shortName": "VulnCheck",
        "dateUpdated": "2026-06-20T15:24:44.716Z"
      },
      "datePublic": "2026-03-03T00:00:00.000Z",
      "title": "Capgo - Information Disclosure via Unauthenticated /replication Endpoint",
      "descriptions": [
        {
          "lang": "en",
          "value": "Capgo before 12.128.2 contains an information disclosure vulnerability in the unauthenticated /replication endpoint that exposes internal PostgreSQL replication telemetry including slot names and WAL LSN positions. Attackers can access this endpoint without authentication to retrieve sensitive infrastructure details such as replication slot names, confirmed_flush_lsn, restart_lsn values, and database error messages for reconnaissance purposes."
        }
      ],
      "affected": [
        {
          "vendor": "Capgo",
          "product": "Capgo",
          "defaultStatus": "unaffected",
          "versions": [
            {
              "version": "0",
              "status": "affected",
              "versionType": "semver",
              "lessThan": "12.128.2"
            },
            {
              "version": "12.128.2",
              "status": "unaffected",
              "versionType": "semver"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "lang": "en",
              "description": "Exposure of Sensitive Information to an Unauthorized Actor",
              "cweId": "CWE-200",
              "type": "CWE"
            }
          ]
        }
      ],
      "references": [
        {
          "url": "https://github.com/Cap-go/capgo/security/advisories/GHSA-q6gm-xfwr-44f5",
          "name": "GHSA Advisory GHSA-q6gm-xfwr-44f5",
          "tags": [
            "vendor-advisory"
          ]
        },
        {
          "url": "https://www.vulncheck.com/advisories/capgo-information-disclosure-via-unauthenticated-replication-endpoint",
          "name": "VulnCheck Advisory: Capgo - Information Disclosure via Unauthenticated /replication Endpoint",
          "tags": [
            "third-party-advisory"
          ]
        }
      ],
      "metrics": [
        {
          "format": "CVSS"
        },
        {
          "format": "CVSS",
          "cvssV3_1": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "NONE",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM"
          }
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Judel777",
          "type": "reporter"
        }
      ]
    }
  }
}