CVE-2026-58422
CVE-2026-58422 describes an improper authorization issue in the OAuth sign-in callback, where administrator-disabled accounts can be silently re-enabled. The linked sources corroborate this description and reference related Gitea release notes, but the provided documents do not specify affected p...