Lucene search
K

5 matches found

OSV
OSV
added 5 days ago3 views

CVE-2026-59190 Grav Admin Plugin — IDOR Privilege Escalation via saveUser()

grav-plugin-admin is an HTML user interface that provides a way to configure Grav and create and modify pages. In 1.10.52 and earlier, an authenticated attacker with admin.users permission can change the password of any user account, including the super administrator, by sending a direct POST...

8.7CVSS6.1AI score0.00215EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/02/20 7:22 a.m.10 views

CVE-2026-25232

Gogs is an open source self-hosted Git service. Versions 0.13.4 and below have an access control bypass vulnerability which allows any repository collaborator with Write permissions to delete protected branches including the default branch by sending a direct POST request, completely bypassing th...

8.8CVSS5.7AI score0.00436EPSS
Exploits1References1
OSV
OSV
added 2026/02/19 2:25 a.m.9 views

CVE-2026-25232 Gogs has a Protected Branch Deletion Bypass in Web Interface

Gogs is an open source self-hosted Git service. Versions 0.13.4 and below have an access control bypass vulnerability which allows any repository collaborator with Write permissions to delete protected branches including the default branch by sending a direct POST request, completely bypassing th...

7.1CVSS5.7AI score0.00436EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2026/02/19 2:25 a.m.6 views

CVE-2026-25232 Gogs has a Protected Branch Deletion Bypass in Web Interface

Gogs is an open source self-hosted Git service. Versions 0.13.4 and below have an access control bypass vulnerability which allows any repository collaborator with Write permissions to delete protected branches including the default branch by sending a direct POST request, completely bypassing th...

7.1CVSS5.7AI score0.00436EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/02/17 12:0 a.m.15 views

PT-2026-20322

Name of the Vulnerable Software and Affected Versions Gogs versions 0.13.4 and below Description Gogs, an open-source self-hosted Git service, contains an access control bypass issue. Repository collaborators with Write permissions can delete protected branches, including the default branch, by...

9.9CVSS6AI score0.34346EPSS
Exploits45References117
Rows per page
Query Builder