CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

Gogs <= 0.13.3 - Remote Code Execution

Gogs self-hosted Git service versions 0.13.3 and earlier contain a critical symlink bypass vulnerability that circumvents the fix for CVE-2024-55947. Authenticated users can exploit improper symbolic link handling in the PutContents API to overwrite files outside the repository by committing a...

8.8CVSS7.7AI score0.75675EPSS

Exploits17References4

GithubExploit•added 2026/04/11 10:22 p.m.•98 views

Exploit for CVE-2025-81110

CVE-2025-81110-PoC Improper Symbolic link handling in the PutC...

6AI score

Exploits1

CISA KEV Catalog•added 2026/01/12 12:0 a.m.•8 views

Gogs Path Traversal Vulnerability

Gogs contains a path traversal vulnerability affecting improper Symbolic link handling in the PutContents API that could allow for code execution...

8.8CVSS7.5AI score0.17737EPSS

In wildExploits14

SUSE CVE•added 2026/01/06 12:28 a.m.•2 views

SUSE CVE-2025-8110

Improper Symbolic link handling in the PutContents API in Gogs allows Local Execution of Code...

8.8CVSS7.1AI score0.17737EPSS

Exploits14References2

The Hacker News•added 2025/12/11 10:30 a.m.•2 views

Unpatched Gogs Zero-Day Exploited Across 700+ Instances Amid Active Attacks

A high-severity unpatched security vulnerability in Gogs has come under active exploitation, with more than 700 compromised instances accessible over the internet, according to new findings from Wiz. The flaw, tracked as CVE-2025-8110 CVSS score: 8.7, is a case of file overwrite in the file updat...

8.8CVSS8.3AI score0.75675EPSS

Exploits17