95 matches found
Access Control Bypass
Overview Affected versions of this package are vulnerable to Access Control Bypass due to the default configuration of REVERSEPROXYTRUSTEDPROXIES allowing all sources. An attacker can gain unauthorized access by sending spoofed reverse-proxy authentication headers such as X-WEBAUTH-USER...
Access Control Bypass
Overview Affected versions of this package are vulnerable to Access Control Bypass via the OAuth sign-in callback process. An attacker can regain access to accounts that have been disabled by an administrator by initiating an OAuth sign-in, resulting in unauthorized re-enablement of those account...
CVE-2026-28740
Gitea versions up to and including 1.26.2 allow Git LFS object reuse to authorize private source objects for users who have repository access but lack Code-unit access...
CVE-2026-28744
Gitea
EUVD-2026-41637
Gitea versions before 1.25.5 accept malformed or injected forwarded-proto values when detecting public URLs, allowing spoofed canonical URL generation...
CVE-2026-27657
Gitea versions before 1.25.5 allow a user to change another user's primary email address...
CVE-2026-26307
Gitea versions before 1.25.5 do not enforce a timeout on git grep searches, allowing expensive searches to consume server resources...
CVE-2026-26231 Gitea maintainer-edit permissions allow unauthorized commits to readable repositories
Gitea versions up to and including 1.26.1 allow the Allow edits from maintainers permission path to authorize commits to repositories that the user can read but should not be able to write...
CVE-2026-26232 Gitea OAuth2 authorization codes lack expiry and reuse enforcement
Gitea versions before 1.25.5 do not consistently enforce OAuth2 authorization code expiry and single-use behavior during token exchange...
CVE-2026-22874 Gitea webhook and migration allow-list filtering permits SSRF
Gitea versions up to and including 1.26.2 have incomplete SSRF protection in webhook and migration allow-list filtering...
CVE-2026-22555 Gitea organization forks can expose organization secrets without create permission
Gitea versions before 1.26.0 allow API users to fork a repository into an organization without first passing the CanCreateOrgRepo check, which can expose organization secrets...
CVE-2026-20779 Gitea TOTP single-use enforcement defect allows OTP replay
Gitea versions from 1.5.0 before 1.26.3 have a TOTP single-use enforcement defect that allows a valid TOTP code to be accepted more than once across web two-factor authentication flows and the Basic Auth X-Gitea-OTP path...
PT-2026-55606
Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.25.5 Description The software uses release tag names and asset names as filesystem path components during the process of dumping release assets. This behavior allows specially crafted names to manipulate the resulting...
PT-2026-55603
Name of the Vulnerable Software and Affected Versions Gitea version 1.25.5 Description The software caches a branch-specific write-permission result across multiple refs during a single pre-receive hook session. This behavior allows a user with a per-branch maintainer-edit grant to reuse that...
CVE-2026-46601 vulnerabilities
Vulnerabilities for packages: pdfcpu, rclone, gitea, mailpit, kubescape, seaweedfs, mattermost, ollama, bento...
Gitea: Authorization Bypass via "Allow edits from maintainers" allows unauthorized commits to any readable repo
Summary Any authenticated low-privilege user with read access to a repository can push arbitrary commits directly to that repository, bypassing all write-access checks. Vulnerability Gitea's "Allow edits from maintainers" PR option can be abused via reverse-fork PRs: 1. The web UI PR-create...
PT-2026-50136
Name of the Vulnerable Software and Affected Versions Gitea affected versions not specified Description An authorization bypass allows any authenticated low-privilege user with read access to a repository to push arbitrary commits directly to that repository, bypassing write-access checks. This...
CVE-2026-27771
creationtimestamp| type| source ---|---|--- 2026-05-27 08:06:32+00:00| seen| https://thehackernews.com/2026/05/gitea-vulnerability-exposes-private.html 2026-05-27 10:09:05+00:00| seen| https://t.me/thehackernews/9089 2026-05-27 12:02:14+00:00| seen|...
PT-2026-43391
Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.26.2 Forgejo versions prior to 1.26.2 Description A critical access control issue in the container registry allows unauthenticated remote attackers to pull private container images without credentials. The system fail...
Improper Access Control
code.gitea.io/gitea is vulnerable to improper access control. The vulnerability is due to insufficient authorization checks, which allows an anonymous attacker to access private user projects...