Description
Capgo before 12.128.2 contains an information disclosure vulnerability in the unauthenticated /replication endpoint that exposes internal PostgreSQL replication telemetry including slot names and WAL LSN positions. Attackers can access this endpoint without authentication to retrieve sensitive infrastructure details such as replication slot names, confirmed_flush_lsn, restart_lsn values, and database error messages for reconnaissance purposes.
Published: 2026-06-20
Score: 6.9 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Capgo versions prior to 12.128.2 expose sensitive PostgreSQL replication telemetry through the unauthenticated /replication endpoint. The vulnerability allows an attacker to retrieve details such as replication slot names, confirmed_flush_lsn, restart_lsn, and database error messages, which can facilitate reconnaissance of the underlying database infrastructure. This can lead to knowledge of internal configurations that may be leveraged in future attacks, compromising the confidentiality of system data.

Affected Systems

The affected system is Capgo, a platform for real‑time data synchronization. Versions older than 12.128.2 are vulnerable; 12.128.2 and later releases are considered safe. No specific minor patch releases are listed in the CNA data.

Risk and Exploitability

The CVSS score of 6.9 indicates a medium severity vulnerability. The EPSS score is not available, so the probability of exploitation remains uncertain, and the issue is not currently tracked in CISA KEV. Attackers can reach the vulnerable endpoint without authentication, making it easily exploitable in scenarios where the network perimeter allows such traffic. The immediate risk is the inadvertent disclosure of replication telemetry, potentially aiding attackers in mapping the backend database architecture.

Generated by OpenCVE AI on June 20, 2026 at 17:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Capgo to version 12.128.2 or later to remove the exposure.
  • Restrict unauthenticated access to the /replication endpoint using firewalls, VPNs, or service‑level access controls to limit visibility to trusted internal hosts.
  • Regularly audit replication slot configurations and monitor service logs for unusual access patterns to detect possible reconnaissance attempts.

Advisories

No advisories yet.

History

Sat, 20 Jun 2026 16:15:00 +0000

Values added:

  • Description: Capgo before 12.128.2 contains an information disclosure vulnerability in the unauthenticated /replication endpoint that exposes internal PostgreSQL replication telemetry including slot names and WAL LSN positions. Attackers can access this endpoint without authentication to retrieve sensitive infrastructure details such as replication slot names, confirmed_flush_lsn, restart_lsn values, and database error messages for reconnaissance purposes.
  • Title: Capgo - Information Disclosure via Unauthenticated /replication Endpoint
  • Weaknesses: CWE-200
  • References
  • Metrics:
      cvssV3_1: {'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}
      cvssV4_0: {'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N'}

MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-20T15:24:44.716Z

Reserved: 2026-06-20T01:51:24.919Z

Link: CVE-2026-56282

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-20T17:30:08Z

Weaknesses
  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor