MEDIUM
liquidfiles
CVE published 2026-06-20
CVE-2026-12673
CVE-2026-12673 is a medium-severity vulnerability in Liquidfiles versions before 4.2.12. It is caused by a broken access control issue that allows privilege escalation from an Admin in a secondary domain to a Sysadmin by modifying a group in their managed secondary (non-default) group. The CVSS score for this vulnerability is 5.9. The vulnerability was published on June 20, 2026. Defenders should assess t [truncated]