
    100 vulnerabilities found for Gitea Open Source Git Server by Gitea

    CVE-2026-58426 (GCVE-0-2026-58426)

    Vulnerability from nvd – Published: 2026-07-03 20:54 – Updated: 2026-07-03 20:54
    Title
    Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read and cross-task upload-state write
    Summary
    Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read and cross-task upload-state write
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Gitea — Gitea Open Source Git Server — Affected: 1.22.0 through 1.26.1 inclusive (semver). The fix release cited by this record is v1.26.2 (patch: PR #37707), which is consistent with the stated upper bound.
    Credits
    kamil-sawicki

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "lessThanOrEqual": "1.26.1",
                  "status": "affected",
                  "version": "1.22.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "kamil-sawicki"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read and cross-task upload-state write"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 9.6,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-347",
                  "description": "CWE-347",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:54:53.283Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Security Advisory",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-hg5r-vq93-9fv6"
            },
            {
              "name": "GitHub Pull Request #37707",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/37707"
            },
            {
              "name": "Gitea v1.26.2 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.26.2"
            },
            {
              "name": "Gitea v1.26.2 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.26.2/"
            }
          ],
          "title": "Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read and cross-task upload-state write",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-58426",
        "datePublished": "2026-07-03T20:54:53.283Z",
        "dateReserved": "2026-06-30T18:57:20.615Z",
        "dateUpdated": "2026-07-03T20:54:53.283Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-58424 (GCVE-0-2026-58424)

    Vulnerability from nvd – Published: 2026-07-03 20:54 – Updated: 2026-07-03 20:54
    Title
    Permanent Fork PR Workflow Approval Gate Bypass
    Summary
    Permanent Fork PR Workflow Approval Gate Bypass
    Assigner
    Impacted products
    Vendor Product Version
    Gitea — Gitea Open Source Git Server — Affected: all versions up to and including 1.26.2 (semver). Note: the fix release cited by this record is v1.26.4 (patch: PR #38010), so the status of 1.26.3 is not stated here; confirm against the vendor advisory before treating 1.26.3 as unaffected.
    Credits
    prakhar0x01

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "lessThanOrEqual": "1.26.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "prakhar0x01"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Permanent Fork PR Workflow Approval Gate Bypass"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.9,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "CWE-285",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-732",
                  "description": "CWE-732",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "CWE-863",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:54:52.923Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Security Advisory",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-777r-4v59-6486"
            },
            {
              "name": "GitHub Pull Request #38010",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/38010"
            },
            {
              "name": "Gitea v1.26.4 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.26.4"
            },
            {
              "name": "Gitea v1.26.4 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.26.3-and-1.26.4/"
            }
          ],
          "title": "Permanent Fork PR Workflow Approval Gate Bypass",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-58424",
        "datePublished": "2026-07-03T20:54:52.923Z",
        "dateReserved": "2026-06-30T18:57:20.614Z",
        "dateUpdated": "2026-07-03T20:54:52.923Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-58423 (GCVE-0-2026-58423)

    Vulnerability from nvd – Published: 2026-07-03 20:54 – Updated: 2026-07-03 20:54
    Title
    LFS authentication bypass via malformed SSH sub-verb allows unauthorized read access to private repositories
    Summary
    LFS authentication bypass via malformed SSH sub-verb allows unauthorized read access to private repositories
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Gitea — Gitea Open Source Git Server — Affected: 1.23.0 through 1.26.2 inclusive (semver). Note: the fix release cited by this record is v1.26.4 (patch: PR #38008), so the status of 1.26.3 is not stated here; confirm against the vendor advisory before treating 1.26.3 as unaffected.
    Credits
    Tomer-PL

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "lessThanOrEqual": "1.26.2",
                  "status": "affected",
                  "version": "1.23.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Tomer-PL"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "LFS authentication bypass via malformed SSH sub-verb allows unauthorized read access to private repositories"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "CWE-287",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:54:52.580Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Security Advisory",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-7wvc-rvp7-w99x"
            },
            {
              "name": "GitHub Pull Request #38008",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/38008"
            },
            {
              "name": "Gitea v1.26.4 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.26.4"
            },
            {
              "name": "Gitea v1.26.4 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.26.3-and-1.26.4/"
            }
          ],
          "title": "LFS authentication bypass via malformed SSH sub-verb allows unauthorized read access to private repositories",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-58423",
        "datePublished": "2026-07-03T20:54:52.580Z",
        "dateReserved": "2026-06-30T18:57:20.614Z",
        "dateUpdated": "2026-07-03T20:54:52.580Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-58422 (GCVE-0-2026-58422)

    Vulnerability from nvd – Published: 2026-07-03 20:54 – Updated: 2026-07-03 20:54
    Title
    Improper authorization on OAuth sign-in callback silently re-enables administrator-disabled accounts
    Summary
    Improper authorization on OAuth sign-in callback silently re-enables administrator-disabled accounts
    Severity
    No CVSS data available.
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Gitea — Gitea Open Source Git Server — Affected: all versions up to and including 1.26.1 (semver). Note: the fix release cited by this record is v1.26.4 (patch: PR #38009), so 1.26.2 and 1.26.3 are neither listed as affected nor covered by the cited fix; confirm their status against the vendor advisory.

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "lessThanOrEqual": "1.26.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper authorization on OAuth sign-in callback silently re-enables administrator-disabled accounts"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:54:52.236Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Security Advisory",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-g9g6-qhrc-p3qc"
            },
            {
              "name": "GitHub Pull Request #38009",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/38009"
            },
            {
              "name": "Gitea v1.26.4 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.26.4"
            },
            {
              "name": "Gitea v1.26.4 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.26.3-and-1.26.4/"
            }
          ],
          "title": "Improper authorization on OAuth sign-in callback silently re-enables administrator-disabled accounts",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-58422",
        "datePublished": "2026-07-03T20:54:52.236Z",
        "dateReserved": "2026-06-30T18:57:20.614Z",
        "dateUpdated": "2026-07-03T20:54:52.236Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-58421 (GCVE-0-2026-58421)

    Vulnerability from nvd – Published: 2026-07-03 20:54 – Updated: 2026-07-03 20:54
    Title
    Unauthenticated ReDoS via CODEOWNERS pattern matching allows denial of service
    Summary
    Unauthenticated ReDoS via CODEOWNERS pattern matching allows denial of service
    Severity
    No CVSS data available.
    CWE: CWE-284 as recorded by the CNA (see the record below). That is an access-control weakness class and does not describe a ReDoS / denial-of-service condition as the title states; verify the classification against the vendor advisory before relying on it for triage.
    Assigner
    Impacted products
    Vendor Product Version
    Gitea — Gitea Open Source Git Server — Affected: all versions before 1.26.2 (semver; exclusive upper bound). Note: the exclusive bound implies a fix in 1.26.2, but the fix release cited by this record is v1.26.4 (patch: PR #38011); treat the bound as unverified until checked against the vendor advisory.
    Credits
    AdamKorcz

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "lessThan": "1.26.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "AdamKorcz"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Unauthenticated ReDoS via CODEOWNERS pattern matching allows denial of service"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:54:51.884Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Security Advisory",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-v96j-25gv-g2w9"
            },
            {
              "name": "GitHub Pull Request #38011",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/38011"
            },
            {
              "name": "Gitea v1.26.4 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.26.4"
            },
            {
              "name": "Gitea v1.26.4 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.26.3-and-1.26.4/"
            }
          ],
          "title": "Unauthenticated ReDoS via CODEOWNERS pattern matching allows denial of service",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-58421",
        "datePublished": "2026-07-03T20:54:51.884Z",
        "dateReserved": "2026-06-30T18:57:20.614Z",
        "dateUpdated": "2026-07-03T20:54:51.884Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-58419 (GCVE-0-2026-58419)

    Vulnerability from nvd – Published: 2026-07-03 20:54 – Updated: 2026-07-03 20:54
    Title
    Notification API leaks private issue metadata after access revocation
    Summary
    Notification API leaks private issue metadata after access revocation
    Severity
    No CVSS data available.
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Gitea — Gitea Open Source Git Server — Affected: 1.26.2 only (semver). The record lists a single version rather than a range, so it does not state whether earlier releases or 1.26.3 are affected. The fix release cited is v1.26.4 (patch: PR #38108).
    Credits
    ybsun0215

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.26.2",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "ybsun0215"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Notification API leaks private issue metadata after access revocation"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:54:51.523Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Security Advisory",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-44qc-pgvp-wx7v"
            },
            {
              "name": "GitHub Pull Request #38108",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/38108"
            },
            {
              "name": "Gitea v1.26.4 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.26.4"
            },
            {
              "name": "Gitea v1.26.4 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.26.3-and-1.26.4/"
            }
          ],
          "title": "Notification API leaks private issue metadata after access revocation",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-58419",
        "datePublished": "2026-07-03T20:54:51.523Z",
        "dateReserved": "2026-06-30T18:57:20.613Z",
        "dateUpdated": "2026-07-03T20:54:51.523Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-58418 (GCVE-0-2026-58418)

    Vulnerability from nvd – Published: 2026-07-03 20:54 – Updated: 2026-07-03 20:54
    Title
    SSRF via HTTP Redirect in Repository Migration
    Summary
    SSRF via HTTP Redirect in Repository Migration
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Gitea — Gitea Open Source Git Server — Affected: all versions up to and including 1.25.4 (semver). Note: the fix release cited by this record is v1.26.4 (patch: PR #38108, the same PR this listing cites for CVE-2026-58419), while later 1.25.x releases and 1.26.0–1.26.3 are absent from the affected range; confirm their status against the vendor advisory.
    Credits
    moltenbit

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "lessThanOrEqual": "1.25.4",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "moltenbit"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "SSRF via HTTP Redirect in Repository Migration"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "CWE-918",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:54:51.149Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Security Advisory",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-rqhx-647v-wx32"
            },
            {
              "name": "GitHub Pull Request #38108",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/38108"
            },
            {
              "name": "Gitea v1.26.4 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.26.4"
            },
            {
              "name": "Gitea v1.26.4 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.26.3-and-1.26.4/"
            }
          ],
          "title": "SSRF via HTTP Redirect in Repository Migration",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-58418",
        "datePublished": "2026-07-03T20:54:51.149Z",
        "dateReserved": "2026-06-30T18:57:20.613Z",
        "dateUpdated": "2026-07-03T20:54:51.149Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-28744 (GCVE-0-2026-28744)

    Vulnerability from nvd – Published: 2026-07-03 20:19 – Updated: 2026-07-03 20:19
    Title
    Gitea Git smart HTTP bypasses repository token scopes for bearer tokens
    Summary
    Gitea versions up to and including 1.26.1 allow Git smart HTTP requests authenticated with bearer tokens to bypass repository token scope checks.
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Gitea — Gitea Open Source Git Server — Affected: all versions up to and including 1.26.1 (semver). The fix release cited by this record is v1.26.2 (patch: PR #37583), which is consistent with the stated upper bound.
    Credits
    ohxorud-dev (reporter); lunny (remediation developer)

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "lessThanOrEqual": "1.26.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "ohxorud-dev"
            },
            {
              "lang": "en",
              "type": "remediation developer",
              "value": "lunny"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Gitea versions up to and including 1.26.1 allow Git smart HTTP requests authenticated with bearer tokens to bypass repository token scope checks."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "CWE-863",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:19:40.031Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Security Advisory",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-cc8w-r4qh-3v65"
            },
            {
              "name": "GitHub Pull Request #37583",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/37583"
            },
            {
              "name": "Gitea v1.26.2 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.26.2"
            },
            {
              "name": "Gitea v1.26.2 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.26.2/"
            }
          ],
          "title": "Gitea Git smart HTTP bypasses repository token scopes for bearer tokens",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-28744",
        "datePublished": "2026-07-03T20:19:40.031Z",
        "dateReserved": "2026-03-03T03:25:50.255Z",
        "dateUpdated": "2026-07-03T20:19:40.031Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-28740 (GCVE-0-2026-28740)

    Vulnerability from nvd – Published: 2026-07-03 20:19 – Updated: 2026-07-03 20:19
    Title
    Gitea LFS object reuse bypasses Code-unit authorization
    Summary
    Gitea versions up to and including 1.26.2 allow Git LFS object reuse to authorize private source objects for users who have repository access but lack Code-unit access.
    Assigner
    Impacted products
    Vendor Product Version
    Gitea Gitea Open Source Git Server Affected: 0 , ≤ 1.26.2 (semver)
    Credits
    m2hcz

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "lessThanOrEqual": "1.26.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "m2hcz"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Gitea versions up to and including 1.26.2 allow Git LFS object reuse to authorize private source objects for users who have repository access but lack Code-unit access."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-639",
                  "description": "CWE-639",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "CWE-863",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:19:39.687Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Security Advisory",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-2m9v-5q2g-58vq"
            },
            {
              "name": "GitHub Pull Request #38050",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/38050"
            },
            {
              "name": "Gitea v1.26.3 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.26.3"
            },
            {
              "name": "Gitea v1.26.4 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.26.3-and-1.26.4/"
            }
          ],
          "title": "Gitea LFS object reuse bypasses Code-unit authorization",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-28740",
        "datePublished": "2026-07-03T20:19:39.687Z",
        "dateReserved": "2026-03-03T03:25:59.982Z",
        "dateUpdated": "2026-07-03T20:19:39.687Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-28737 (GCVE-0-2026-28737)

    Vulnerability from nvd – Published: 2026-07-03 20:19 – Updated: 2026-07-03 20:19
    Title
    Gitea 3D file viewer allows stored XSS through glTF extensionsRequired
    Summary
    Gitea versions from 1.25.0 before 1.26.0 allow stored cross-site scripting through the extensionsRequired field in glTF files rendered by the 3D file viewer.
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Gitea Gitea Open Source Git Server Affected: 1.25.0 , < 1.26.0 (semver)
    Credits
    yonatan-pl

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "lessThan": "1.26.0",
                  "status": "affected",
                  "version": "1.25.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "yonatan-pl"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Gitea versions from 1.25.0 before 1.26.0 allow stored cross-site scripting through the extensionsRequired field in glTF files rendered by the 3D file viewer."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:19:39.358Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Security Advisory",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-9cpj-qc93-vw8v"
            },
            {
              "name": "GitHub Pull Request #37233",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/37233"
            },
            {
              "name": "Gitea v1.26.0 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.26.0"
            },
            {
              "name": "Gitea v1.26.0 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.26.0/"
            }
          ],
          "title": "Gitea 3D file viewer allows stored XSS through glTF extensionsRequired",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-28737",
        "datePublished": "2026-07-03T20:19:39.358Z",
        "dateReserved": "2026-03-03T03:25:50.217Z",
        "dateUpdated": "2026-07-03T20:19:39.358Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-28705 (GCVE-0-2026-28705)

    Vulnerability from nvd – Published: 2026-07-03 20:19 – Updated: 2026-07-03 20:19
    Title
    Gitea repository dumps write release assets using unsafe path names
    Summary
    Gitea versions before 1.25.5 use release tag names and asset names as filesystem path components when dumping release assets, allowing specially crafted names to affect dump output paths.
    Severity
    No CVSS data available.
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory
    Assigner
    Impacted products
    Vendor Product Version
    Gitea Gitea Open Source Git Server Affected: 0 , < 1.25.5 (semver)
    Credits
    Robert Flosbach from Neodyme AG

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "lessThan": "1.25.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Robert Flosbach from Neodyme AG"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Gitea versions before 1.25.5 use release tag names and asset names as filesystem path components when dumping release assets, allowing specially crafted names to affect dump output paths."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "Improper Limitation of a Pathname to a Restricted Directory",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:19:39.011Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Pull Request #36799",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/36799"
            },
            {
              "name": "GitHub Pull Request #36839",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/36839"
            },
            {
              "name": "Gitea v1.25.5 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.25.5"
            },
            {
              "name": "Gitea v1.25.5 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.25.5/"
            }
          ],
          "title": "Gitea repository dumps write release assets using unsafe path names",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-28705",
        "datePublished": "2026-07-03T20:19:39.011Z",
        "dateReserved": "2026-03-03T03:25:28.526Z",
        "dateUpdated": "2026-07-03T20:19:39.011Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-28699 (GCVE-0-2026-28699)

    Vulnerability from nvd – Published: 2026-07-03 20:19 – Updated: 2026-07-03 20:19
    Title
    Gitea Basic Auth bypasses OAuth2 access token scopes
    Summary
    Gitea versions up to and including 1.26.1 allow OAuth2 access token scope enforcement to be bypassed through HTTP Basic authentication.
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Gitea Gitea Open Source Git Server Affected: 0 , ≤ 1.26.1 (semver)
    Credits
    Alardiians

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "lessThanOrEqual": "1.26.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Alardiians"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Gitea versions up to and including 1.26.1 allow OAuth2 access token scope enforcement to be bypassed through HTTP Basic authentication."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "Improper Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "Incorrect Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:19:38.663Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Security Advisory",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-9r5x-wg6m-x2rc"
            },
            {
              "name": "GitHub Pull Request #37503",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/37503"
            },
            {
              "name": "Gitea v1.26.2 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.26.2"
            },
            {
              "name": "Gitea v1.26.2 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.26.2/"
            }
          ],
          "title": "Gitea Basic Auth bypasses OAuth2 access token scopes",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-28699",
        "datePublished": "2026-07-03T20:19:38.663Z",
        "dateReserved": "2026-03-03T03:25:50.232Z",
        "dateUpdated": "2026-07-03T20:19:38.663Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-27783 (GCVE-0-2026-27783)

    Vulnerability from nvd – Published: 2026-07-03 20:19 – Updated: 2026-07-03 20:19
    Title
    Gitea issue-template APIs bypass repository unit authorization
    Summary
    Gitea versions up to and including 1.26.1 do not enforce repository-unit authorization on issue-template API endpoints.
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Gitea Gitea Open Source Git Server Affected: 0 , ≤ 1.26.1 (semver)
    Credits
    hoangperry

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "lessThanOrEqual": "1.26.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "hoangperry"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Gitea versions up to and including 1.26.1 do not enforce repository-unit authorization on issue-template API endpoints."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-862",
                  "description": "CWE-862",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:19:38.321Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Security Advisory",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-3fwp-p5rj-2pxf"
            },
            {
              "name": "GitHub Pull Request #37769",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/37769"
            },
            {
              "name": "GitHub Pull Request #37781",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/37781"
            },
            {
              "name": "Gitea v1.26.2 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.26.2"
            },
            {
              "name": "Gitea v1.26.2 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.26.2/"
            }
          ],
          "title": "Gitea issue-template APIs bypass repository unit authorization",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-27783",
        "datePublished": "2026-07-03T20:19:38.321Z",
        "dateReserved": "2026-03-03T03:25:50.353Z",
        "dateUpdated": "2026-07-03T20:19:38.321Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-27780 (GCVE-0-2026-27780)

    Vulnerability from nvd – Published: 2026-07-03 20:19 – Updated: 2026-07-03 20:19
    Title
    Gitea pre-receive hook can miss branch-protection checks after scanner errors
    Summary
    Gitea versions before 1.26.0 do not fail closed on bufio.Scanner errors while processing pre-receive hook input, allowing oversized input to bypass branch-protection checks.
    Severity
    No CVSS data available.
    CWE
    • CWE-863 - Incorrect Authorization
    Assigner
    Impacted products
    Vendor Product Version
    Gitea Gitea Open Source Git Server Affected: 0 , < 1.26.0 (semver)
    Credits
    yonatan-pl

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "lessThan": "1.26.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "yonatan-pl"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Gitea versions before 1.26.0 do not fail closed on bufio.Scanner errors while processing pre-receive hook input, allowing oversized input to bypass branch-protection checks."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "Incorrect Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:19:37.968Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Pull Request #36963",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/36963"
            },
            {
              "name": "Gitea v1.26.0 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.26.0"
            },
            {
              "name": "Gitea v1.26.0 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.26.0/"
            }
          ],
          "title": "Gitea pre-receive hook can miss branch-protection checks after scanner errors",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-27780",
        "datePublished": "2026-07-03T20:19:37.968Z",
        "dateReserved": "2026-03-03T03:25:28.724Z",
        "dateUpdated": "2026-07-03T20:19:37.968Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-27779 (GCVE-0-2026-27779)

    Vulnerability from nvd – Published: 2026-07-03 20:19 – Updated: 2026-07-03 20:19
    Title
    Gitea forwarded-proto handling allows public URL spoofing
    Summary
    Gitea versions before 1.25.5 accept malformed or injected forwarded-proto values when detecting public URLs, allowing spoofed canonical URL generation.
    Severity
    No CVSS data available.
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Gitea Gitea Open Source Git Server Affected: 0 , < 1.25.5 (semver)
    Credits
    fed01k

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "lessThan": "1.25.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "fed01k"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Gitea versions before 1.25.5 accept malformed or injected forwarded-proto values when detecting public URLs, allowing spoofed canonical URL generation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:19:37.622Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Pull Request #36810",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/36810"
            },
            {
              "name": "GitHub Pull Request #36836",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/36836"
            },
            {
              "name": "Gitea v1.25.5 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.25.5"
            },
            {
              "name": "Gitea v1.25.5 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.25.5/"
            }
          ],
          "title": "Gitea forwarded-proto handling allows public URL spoofing",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-27779",
        "datePublished": "2026-07-03T20:19:37.622Z",
        "dateReserved": "2026-03-03T03:25:28.660Z",
        "dateUpdated": "2026-07-03T20:19:37.622Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-27775 (GCVE-0-2026-27775)

    Vulnerability from nvd – Published: 2026-07-03 20:19 – Updated: 2026-07-03 20:19
    Title
    Gitea pre-receive hook permission cache allows full repository write access
    Summary
    Gitea 1.25.5 caches a branch-specific write-permission result across multiple refs in one pre-receive hook session, allowing a per-branch maintainer-edit grant to be reused for other refs and escalate to full repository write access.
    Severity
    No CVSS data available.
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Gitea Gitea Open Source Git Server Affected: 1.25.5 (semver)
    Credits
    adrian-doyensec

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.25.5",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "adrian-doyensec"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Gitea 1.25.5 caches a branch-specific write-permission result across multiple refs in one pre-receive hook session, allowing a per-branch maintainer-edit grant to be reused for other refs and escalate to full repository write access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "CWE-863",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:19:37.275Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Security Advisory",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-649p-mmhf-85c7"
            },
            {
              "name": "GitHub Pull Request #38151",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/38151"
            },
            {
              "name": "Gitea v1.26.3 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.26.3"
            },
            {
              "name": "Gitea v1.26.4 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.26.3-and-1.26.4/"
            }
          ],
          "title": "Gitea pre-receive hook permission cache allows full repository write access",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-27775",
        "datePublished": "2026-07-03T20:19:37.275Z",
        "dateReserved": "2026-03-03T03:25:59.996Z",
        "dateUpdated": "2026-07-03T20:19:37.275Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-27771 (GCVE-0-2026-27771)

    Vulnerability from nvd – Published: 2026-07-03 20:19 – Updated: 2026-07-03 20:19
    Title
    Gitea Composer package source links use insufficient permission checks
    Summary
    Gitea versions up to and including 1.26.1 do not adequately check permissions before serving Composer package source links, so a requester without any privileges on the instance (CVSS PR:N) can obtain source information for private or internal packages. Fixed in Gitea 1.26.2 (PR #37610).
    Severity
    CVSS 3.0 base score 8.2 (HIGH) – CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
    CWE
    • CWE-862 - Missing Authorization
    Assigner
    Impacted products
    Vendor Product Version
    Gitea Gitea Open Source Git Server Affected: 0 , ≤ 1.26.1 (semver)
    Credits
    DevNoScope

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "lessThanOrEqual": "1.26.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "DevNoScope"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Gitea versions up to and including 1.26.1 have insufficient permission checks for Composer package source links, which can expose private or internal package source information."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-862",
                  "description": "Missing Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:19:36.924Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Security Advisory",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-8qw8-rq86-9pc2"
            },
            {
              "name": "GitHub Pull Request #37610",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/37610"
            },
            {
              "name": "Gitea v1.26.2 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.26.2"
            },
            {
              "name": "Gitea v1.26.2 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.26.2/"
            }
          ],
          "title": "Gitea Composer package source links use insufficient permission checks",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-27771",
        "datePublished": "2026-07-03T20:19:36.924Z",
        "dateReserved": "2026-03-03T03:25:50.291Z",
        "dateUpdated": "2026-07-03T20:19:36.924Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-27761 (GCVE-0-2026-27761)

    Vulnerability from nvd – Published: 2026-07-03 20:19 – Updated: 2026-07-03 20:19
    Title
    Gitea repository feeds bypass API token scope enforcement
    Summary
    Gitea versions up to and including 1.26.2 do not apply API access-token scope checks on the repository RSS and Atom feed endpoints, so a token that lacks the required repository scope can still retrieve private repository commit data through those feeds. Fixed in Gitea 1.26.3 (PR #38147).
    Severity
    CVSS 3.1 base score 4.3 (MEDIUM) – CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
    CWE
    • CWE-863 - Incorrect Authorization
    Assigner
    Impacted products
    Vendor Product Version
    Gitea Gitea Open Source Git Server Affected: 0 , ≤ 1.26.2 (semver)
    Credits
    babakizo420

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "lessThanOrEqual": "1.26.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "babakizo420"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Gitea versions up to and including 1.26.2 allow repository RSS and Atom feed endpoints to bypass API access token scope checks, exposing private repository commit data to tokens without the required repository scope."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "Incorrect Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:19:36.576Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Security Advisory",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-3pww-vcvm-3gmj"
            },
            {
              "name": "GitHub Pull Request #38147",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/38147"
            },
            {
              "name": "Gitea v1.26.3 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.26.3"
            },
            {
              "name": "Gitea v1.26.4 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.26.3-and-1.26.4/"
            }
          ],
          "title": "Gitea repository feeds bypass API token scope enforcement",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-27761",
        "datePublished": "2026-07-03T20:19:36.576Z",
        "dateReserved": "2026-03-03T03:26:00.375Z",
        "dateUpdated": "2026-07-03T20:19:36.576Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-27660 (GCVE-0-2026-27660)

    Vulnerability from nvd – Published: 2026-07-03 20:19 – Updated: 2026-07-03 20:19
    Title
    Gitea draft releases use insufficient permission checks
    Summary
    Gitea versions before 1.25.5 do not require write permission on the repository before serving draft (unpublished) release data or their attachments, so a requester who lacks write access can still view them. Fixed in Gitea 1.25.5 (PRs #36659 and #36715).
    Severity
    No CVSS data available.
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    Impacted products
    Vendor Product Version
    Gitea Gitea Open Source Git Server Affected: 0 , < 1.25.5 (semver)
    Credits
    anticomputer

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "lessThan": "1.25.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "anticomputer"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Gitea versions before 1.25.5 allow draft release data or attachments to be accessed without the required write permission."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "Improper Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:19:36.226Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Pull Request #36659",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/36659"
            },
            {
              "name": "GitHub Pull Request #36715",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/36715"
            },
            {
              "name": "Gitea v1.25.5 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.25.5"
            },
            {
              "name": "Gitea v1.25.5 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.25.5/"
            }
          ],
          "title": "Gitea draft releases use insufficient permission checks",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-27660",
        "datePublished": "2026-07-03T20:19:36.226Z",
        "dateReserved": "2026-02-22T15:13:33.679Z",
        "dateUpdated": "2026-07-03T20:19:36.226Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-27657 (GCVE-0-2026-27657)

    Vulnerability from nvd – Published: 2026-07-03 20:19 – Updated: 2026-07-03 20:19
    Title
    Gitea email settings allow changing another user's primary email address
    Summary
    Gitea versions before 1.25.5 select the account to update from a user-controlled key in the email settings request (CWE-639), allowing an authenticated user to change another user's primary email address. Fixed in Gitea 1.25.5 (PRs #36586 and #36607).
    Severity
    No CVSS data available.
    CWE
    • CWE-639 - Authorization Bypass Through User-Controlled Key
    Assigner
    Impacted products
    Vendor Product Version
    Gitea Gitea Open Source Git Server Affected: 0 , < 1.25.5 (semver)
    Credits
    CsEnox

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "lessThan": "1.25.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "CsEnox"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Gitea versions before 1.25.5 allow a user to change another user\u0027s primary email address."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-639",
                  "description": "Authorization Bypass Through User-Controlled Key",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:19:35.873Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Pull Request #36586",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/36586"
            },
            {
              "name": "GitHub Pull Request #36607",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/36607"
            },
            {
              "name": "Gitea v1.25.5 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.25.5"
            },
            {
              "name": "Gitea v1.25.5 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.25.5/"
            }
          ],
          "title": "Gitea email settings allow changing another user\u0027s primary email address",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-27657",
        "datePublished": "2026-07-03T20:19:35.873Z",
        "dateReserved": "2026-02-22T15:13:33.716Z",
        "dateUpdated": "2026-07-03T20:19:35.873Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-26307 (GCVE-0-2026-26307)

    Vulnerability from nvd – Published: 2026-07-03 20:19 – Updated: 2026-07-03 20:19
    Title
    Gitea git grep search lacks a timeout
    Summary
    Gitea versions before 1.25.5 do not enforce a timeout on git grep code searches, so a requester can submit expensive searches that tie up server resources for an unbounded time (CWE-400, denial of service). Fixed in Gitea 1.25.5 (PRs #36809 and #36835).
    Severity
    No CVSS data available.
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Impacted products
    Vendor Product Version
    Gitea Gitea Open Source Git Server Affected: 0 , < 1.25.5 (semver)
    Credits
    uug4na

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "lessThan": "1.25.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "uug4na"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Gitea versions before 1.25.5 do not enforce a timeout on git grep searches, allowing expensive searches to consume server resources."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:19:35.520Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Pull Request #36809",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/36809"
            },
            {
              "name": "GitHub Pull Request #36835",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/36835"
            },
            {
              "name": "Gitea v1.25.5 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.25.5"
            },
            {
              "name": "Gitea v1.25.5 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.25.5/"
            }
          ],
          "title": "Gitea git grep search lacks a timeout",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-26307",
        "datePublished": "2026-07-03T20:19:35.520Z",
        "dateReserved": "2026-03-03T03:25:28.646Z",
        "dateUpdated": "2026-07-03T20:19:35.520Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-26292 (GCVE-0-2026-26292)

    Vulnerability from nvd – Published: 2026-07-03 20:19 – Updated: 2026-07-03 20:19
    Title
    Gitea LFS mirror synchronization bypasses migration HTTP transport restrictions
    Summary
    Gitea versions before 1.25.5 issue the LFS requests made during push-mirror and sync-mirror operations without the migration HTTP transport, so the restrictions that transport enforces on outbound migration requests are not applied to those LFS requests. Fixed in Gitea 1.25.5 (PRs #36665 and #36691).
    Severity
    No CVSS data available.
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    Impacted products
    Vendor Product Version
    Gitea Gitea Open Source Git Server Affected: 0 , < 1.25.5 (semver)
    Credits
    allsmog

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "lessThan": "1.25.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "allsmog"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Gitea versions before 1.25.5 do not use the migration HTTP transport for LFS push and sync mirror operations, bypassing the configured migration transport protections for those LFS requests."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "Improper Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:19:35.166Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Pull Request #36665",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/36665"
            },
            {
              "name": "GitHub Pull Request #36691",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/36691"
            },
            {
              "name": "Gitea v1.25.5 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.25.5"
            },
            {
              "name": "Gitea v1.25.5 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.25.5/"
            }
          ],
          "title": "Gitea LFS mirror synchronization bypasses migration HTTP transport restrictions",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-26292",
        "datePublished": "2026-07-03T20:19:35.166Z",
        "dateReserved": "2026-02-22T15:13:33.694Z",
        "dateUpdated": "2026-07-03T20:19:35.166Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-26247 (GCVE-0-2026-26247)

    Vulnerability from nvd – Published: 2026-07-03 20:19 – Updated: 2026-07-03 20:19
    Title
    Gitea OAuth2 PKCE S256 challenges are not enforced during token exchange
    Summary
    Gitea versions before 1.25.5 do not correctly persist the PKCE S256 code_challenge_method during the OAuth2 authorization step, so the token endpoint can complete the exchange without verifying the code_verifier; an authorization code captured in transit could therefore be redeemed without the verifier that PKCE is meant to require. Fixed in Gitea 1.25.5 (PRs #36462 and #36477).
    Severity
    No CVSS data available.
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    Impacted products
    Vendor Product Version
    Gitea Gitea Open Source Git Server Affected: 0 , < 1.25.5 (semver)
    Credits
    Aisle Research

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "lessThan": "1.25.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Aisle Research"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Gitea versions before 1.25.5 do not persist the OAuth2 PKCE S256 challenge method correctly during authorization, allowing token exchange without the expected verifier check."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "Improper Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:19:34.820Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Pull Request #36462",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/36462"
            },
            {
              "name": "GitHub Pull Request #36477",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/36477"
            },
            {
              "name": "Gitea v1.25.5 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.25.5"
            },
            {
              "name": "Gitea v1.25.5 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.25.5/"
            }
          ],
          "title": "Gitea OAuth2 PKCE S256 challenges are not enforced during token exchange",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-26247",
        "datePublished": "2026-07-03T20:19:34.820Z",
        "dateReserved": "2026-03-03T03:25:28.654Z",
        "dateUpdated": "2026-07-03T20:19:34.820Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-26232 (GCVE-0-2026-26232)

    Vulnerability from nvd – Published: 2026-07-03 20:19 – Updated: 2026-07-03 20:19
    Title
    Gitea OAuth2 authorization codes lack expiry and reuse enforcement
    Summary
    Gitea versions before 1.25.5 do not consistently enforce expiry or single-use of OAuth2 authorization codes at the token endpoint, so a captured code may be exchanged after it should have expired or more than once (CWE-294, capture-replay). Fixed in Gitea 1.25.5 (PRs #36797 and #36851).
    Severity
    No CVSS data available.
    CWE
    • CWE-294 - Authentication Bypass by Capture-replay
    Assigner
    Impacted products
    Vendor Product Version
    Gitea Gitea Open Source Git Server Affected: 0 , < 1.25.5 (semver)
    Credits
    sammiee5311

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "lessThan": "1.25.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "sammiee5311"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Gitea versions before 1.25.5 do not consistently enforce OAuth2 authorization code expiry and single-use behavior during token exchange."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-294",
                  "description": "Authentication Bypass by Capture-replay",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:19:34.473Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Pull Request #36797",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/36797"
            },
            {
              "name": "GitHub Pull Request #36851",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/36851"
            },
            {
              "name": "Gitea v1.25.5 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.25.5"
            },
            {
              "name": "Gitea v1.25.5 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.25.5/"
            }
          ],
          "title": "Gitea OAuth2 authorization codes lack expiry and reuse enforcement",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-26232",
        "datePublished": "2026-07-03T20:19:34.473Z",
        "dateReserved": "2026-03-03T03:25:28.619Z",
        "dateUpdated": "2026-07-03T20:19:34.473Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-26231 (GCVE-0-2026-26231)

    Vulnerability from nvd – Published: 2026-07-03 20:19 – Updated: 2026-07-03 20:19
    Title
    Gitea maintainer-edit permissions allow unauthorized commits to readable repositories
    Summary
    Gitea versions up to and including 1.26.1 let the “Allow edits from maintainers” permission path authorize commits to repositories that the user can only read, granting write access the user should not have (CVSS 3.1 base score 8.5, scope changed).
    Severity
    CVSS 3.1 base score 8.5 (HIGH) – CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N
    CWE
    • CWE-863 - Incorrect Authorization
    Assigner
    Impacted products
    Vendor Product Version
    Gitea Gitea Open Source Git Server Affected: 0 , ≤ 1.26.1 (semver)
    Credits
    ddd

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "lessThanOrEqual": "1.26.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "ddd"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Gitea versions up to and including 1.26.1 allow the \"Allow edits from maintainers\" permission path to authorize commits to repositories that the user can read but should not be able to write."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "CWE-863",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:19:34.133Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Security Advisory",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-mm7c-rhg6-qr4r"
            },
            {
              "name": "GitHub Pull Request #37479",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/37479"
            },
            {
              "name": "GitHub Pull Request #37484",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/37484"
            },
            {
              "name": "Gitea v1.26.2 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.26.2"
            },
            {
              "name": "Gitea v1.26.2 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.26.2/"
            }
          ],
          "title": "Gitea maintainer-edit permissions allow unauthorized commits to readable repositories",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-26231",
        "datePublished": "2026-07-03T20:19:34.133Z",
        "dateReserved": "2026-03-03T03:25:59.965Z",
        "dateUpdated": "2026-07-03T20:19:34.133Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-25782 (GCVE-0-2026-25782)

    Vulnerability from nvd – Published: 2026-07-03 20:19 – Updated: 2026-07-03 20:19
    Title
    Gitea tracked-time deletion can target entries from another issue
    Summary
    Gitea versions before 1.25.5 look up tracked-time entries by time ID without scoping the lookup to the issue in the request URL, allowing deletion attempts to target entries from another issue.
    Severity
    No CVSS data available.
    CWE
    • CWE-639 - Authorization Bypass Through User-Controlled Key
    Assigner
    Impacted products
    Vendor Product Version
    Gitea Gitea Open Source Git Server Affected: 0 , < 1.25.5 (semver)
    Credits
    CsEnox

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "lessThan": "1.25.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "CsEnox"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Gitea versions before 1.25.5 look up tracked-time entries by time ID without scoping the lookup to the issue in the request URL, allowing deletion attempts to target entries from another issue."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-639",
                  "description": "Authorization Bypass Through User-Controlled Key",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:19:33.790Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Pull Request #36664",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/36664"
            },
            {
              "name": "GitHub Pull Request #36689",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/36689"
            },
            {
              "name": "Gitea v1.25.5 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.25.5"
            },
            {
              "name": "Gitea v1.25.5 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.25.5/"
            }
          ],
          "title": "Gitea tracked-time deletion can target entries from another issue",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-25782",
        "datePublished": "2026-07-03T20:19:33.790Z",
        "dateReserved": "2026-02-22T15:13:33.711Z",
        "dateUpdated": "2026-07-03T20:19:33.790Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-25779 (GCVE-0-2026-25779)

    Vulnerability from nvd – Published: 2026-07-03 20:19 – Updated: 2026-07-03 20:19
    Title
    Gitea redirect handling permits open redirects through backslash paths
    Summary
    Gitea versions up to and including 1.25.4 allow redirect validation to be bypassed through raw or percent-encoded backslashes in redirect_to values.
    Severity
    No CVSS data available.
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Gitea Gitea Open Source Git Server Affected: 0 , ≤ 1.25.4 (semver)
    Credits
    quirmz

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "lessThanOrEqual": "1.25.4",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "quirmz"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Gitea versions up to and including 1.25.4 allow redirect validation to be bypassed through raw or percent-encoded backslashes in redirect_to values."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-601",
                  "description": "CWE-601",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:19:33.452Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Security Advisory",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-j5r2-4c8j-xc3m"
            },
            {
              "name": "GitHub Pull Request #36660",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/36660"
            },
            {
              "name": "GitHub Pull Request #36716",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/36716"
            },
            {
              "name": "Gitea v1.25.5 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.25.5"
            },
            {
              "name": "Gitea v1.25.5 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.25.5/"
            }
          ],
          "title": "Gitea redirect handling permits open redirects through backslash paths",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-25779",
        "datePublished": "2026-07-03T20:19:33.452Z",
        "dateReserved": "2026-02-22T15:13:33.665Z",
        "dateUpdated": "2026-07-03T20:19:33.452Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-25718 (GCVE-0-2026-25718)

    Vulnerability from nvd – Published: 2026-07-03 20:19 – Updated: 2026-07-03 20:19
    Title
    Gitea template repository generation mishandles symlinked paths
    Summary
    Gitea versions before 1.25.5 mishandle path resolution during template repository generation, allowing template processing to read or write through symlinked or otherwise non-regular paths.
    Severity
    No CVSS data available.
    CWE
    • CWE-59 - Improper Link Resolution Before File Access ('Link Following')
    Assigner
    Impacted products
    Vendor Product Version
    Gitea Gitea Open Source Git Server Affected: 0 , < 1.25.5 (semver)
    Credits
    yonatan-pl

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "lessThan": "1.25.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "yonatan-pl"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Gitea versions before 1.25.5 mishandle path resolution during template repository generation, allowing template processing to read or write through symlinked or otherwise non-regular paths."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-59",
                  "description": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:19:33.104Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Pull Request #36734",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/36734"
            },
            {
              "name": "GitHub Pull Request #36746",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/36746"
            },
            {
              "name": "Gitea v1.25.5 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.25.5"
            },
            {
              "name": "Gitea v1.25.5 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.25.5/"
            }
          ],
          "title": "Gitea template repository generation mishandles symlinked paths",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-25718",
        "datePublished": "2026-07-03T20:19:33.104Z",
        "dateReserved": "2026-02-22T15:13:33.721Z",
        "dateUpdated": "2026-07-03T20:19:33.104Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-25714 (GCVE-0-2026-25714)

    Vulnerability from nvd – Published: 2026-07-03 20:19 – Updated: 2026-07-03 20:19
    Title
    Gitea user organization API bypasses public-only token filtering
    Summary
    Gitea versions up to and including 1.26.1 do not apply public-only token filtering consistently to the user organization API, which means the earlier fix for CVE-2025-68941 was incomplete.
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Gitea Gitea Open Source Git Server Affected: 0 , ≤ 1.26.1 (semver)
    Credits
    Medoedus

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "lessThanOrEqual": "1.26.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Medoedus"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Gitea versions up to and including 1.26.1 do not apply public-only token filtering consistently to the user organization API, which means the earlier fix for CVE-2025-68941 was incomplete."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-862",
                  "description": "CWE-862",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:19:32.756Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Security Advisory",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-8629-vc8r-5p58"
            },
            {
              "name": "GitHub Pull Request #37118",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/37118"
            },
            {
              "name": "Gitea v1.26.2 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.26.2"
            },
            {
              "name": "Gitea v1.26.2 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.26.2/"
            }
          ],
          "title": "Gitea user organization API bypasses public-only token filtering",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-25714",
        "datePublished": "2026-07-03T20:19:32.756Z",
        "dateReserved": "2026-03-03T03:25:50.209Z",
        "dateUpdated": "2026-07-03T20:19:32.756Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-25712 (GCVE-0-2026-25712)

    Vulnerability from nvd – Published: 2026-07-03 20:19 – Updated: 2026-07-03 20:19
    Title
    Gitea organization permission APIs expose private visibility information
    Summary
    Gitea versions before 1.25.5 have insufficient visibility checks in organization permission APIs for hidden members and private organizations.
    Severity
    No CVSS data available.
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Gitea Gitea Open Source Git Server Affected: 0 , < 1.25.5 (semver)
    Credits
    Maximilian Luff, Daniel Zahl, Marcus Gelderie

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Gitea Open Source Git Server",
              "vendor": "Gitea",
              "versions": [
                {
                  "lessThan": "1.25.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Maximilian Luff, Daniel Zahl, Marcus Gelderie"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Gitea versions before 1.25.5 have insufficient visibility checks in organization permission APIs for hidden members and private organizations."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-03T20:19:32.421Z",
            "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
            "shortName": "Gitea"
          },
          "references": [
            {
              "name": "GitHub Pull Request #36798",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/36798"
            },
            {
              "name": "GitHub Pull Request #36841",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/go-gitea/gitea/pull/36841"
            },
            {
              "name": "Gitea v1.25.5 Release",
              "tags": [
                "release-notes"
              ],
              "url": "https://github.com/go-gitea/gitea/releases/tag/v1.25.5"
            },
            {
              "name": "Gitea v1.25.5 Release Blog Post",
              "tags": [
                "release-notes"
              ],
              "url": "https://blog.gitea.com/release-of-1.25.5/"
            }
          ],
          "title": "Gitea organization permission APIs expose private visibility information",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
        "assignerShortName": "Gitea",
        "cveId": "CVE-2026-25712",
        "datePublished": "2026-07-03T20:19:32.421Z",
        "dateReserved": "2026-03-03T03:25:28.672Z",
        "dateUpdated": "2026-07-03T20:19:32.421Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }