Low severity3.5NVD Advisory· Published Nov 11, 2020· Updated Jun 17, 2026
CVE-2020-26220
CVE-2020-26220
Description
toucbase.ai before version 2.0 leaks information by not stripping exif data from images. Anyone with access to the uploaded image of other users could obtain its geolocation, device, and software version data etc (if present. The issue is fixed in version 2.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: < 2.0
Patches
Vulnerability mechanics
References
2- github.com/puncsky/touchbase.ai/pull/400/commits/69de77b163f6debaeb3f8d1a85367310a40d196fnvdPatchThird Party Advisory
- github.com/puncsky/touchbase.ai/security/advisories/GHSA-hh6j-j73p-cp3hnvdThird Party Advisory
News mentions
0No linked articles in our index yet.