Is CVE-2026-56314 exploitable?

No community verdicts yet for CVE-2026-56314. Be the first to weigh in.

Is CVE-2026-56314 a false positive?

No community verdicts yet for CVE-2026-56314.

How do I remediate CVE-2026-56314?

See the authoritative references (NVD, vendor advisory) and community field notes on this page for remediation guidance.

CVE-2026-56314

is CVE-2026-56314real, exploitable, or a false positive? Here's the community verdict.

☆ Watch

High · CVSS 7.1EPSS 0.3%CWE-672

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L

Capgo before 12.128.12 fails to filter deleted app versions when joining channels during /updates resolution, allowing deleted bundles to remain selectable. Attackers can continue deploying deleted bundles to devices by exploiting the missing app_versions.deleted filter in channel version joins.

References

NVD MITRE CVE.org

Published Jun 22, 2026

Embed this verdict

Markdown

[![TruePositive verdict](https://www.truepositive.app/cve/CVE-2026-56314/badge.svg)](https://www.truepositive.app/cve/CVE-2026-56314)

HTML

<a href="https://www.truepositive.app/cve/CVE-2026-56314"><img src="https://www.truepositive.app/cve/CVE-2026-56314/badge.svg" alt="TruePositive verdict for CVE-2026-56314"></a>

Live badge that updates automatically as the community verdict changes.

Community ground truth

In your experience, is this finding real and exploitable?

0 verdicts

Not a real issue

No account needed. Anonymous verdicts post as an unverified signal. Log in to make yours verified and earn reputation.

Field notes & remediation

Verdicts are the quick signal. Notes are the evidence and fixes behind them.

No notes yet. Be the first to share what you saw, or a fix that worked.

Add a field note or remediationoptional