2 matches found
CVE-2026-24690
Gitea versions before 1.25.5 have insufficient permission checks for updating or rebasing pull request branches...
CVE-2026-24690
Gitea before version 1.25.5 contains insufficient permission checks when updating or rebasing pull request branches, enabling an access control bypass. The issue affects the pull service logic (e.g., related to PR update/rebase paths) and has been addressed by upgrading to Gitea 1.25.5 or later. ...