Lucene search
K

6 matches found

Snyk
Snyk
added 2026/07/03 10:19 p.m.7 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass due to insufficient permission checks in the draft release process. An attacker can access sensitive draft release data or attachments by bypassing required write permissions. Remediation Upgrade...

7.5CVSS6AI score0.00345EPSS
Exploits0References2
NVD
NVD
added 2026/07/03 9:16 p.m.8 views

CVE-2026-27660

Gitea versions before 1.25.5 allow draft release data or attachments to be accessed without the required write permission...

7.5CVSS0.00345EPSS
Exploits0References4
OSV
OSV
added 2026/07/03 8:19 p.m.4 views

CVE-2026-27660 Gitea draft releases use insufficient permission checks

Gitea versions before 1.25.5 allow draft release data or attachments to be accessed without the required write permission...

7.5CVSS5.9AI score0.00345EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/03 8:19 p.m.7 views

CVE-2026-27660

Gitea versions before 1.25.5 allow draft release data or attachments to be accessed without the required write permission...

5.9AI score0.00345EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/03 8:19 p.m.6 views

EUVD-2026-41633

Gitea versions before 1.25.5 allow draft release data or attachments to be accessed without the required write permission...

5.9AI score0.00345EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.12 views

PT-2026-55601

Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.25.5 Description Draft release data or attachments can be accessed by users who do not possess the necessary write permissions. Recommendations Update to version 1.25.5 or later...

7.5CVSS6.1AI score0.00345EPSS
Exploits0References7
Rows per page
Query Builder