CVE-2026-27660
Affected software: Gitea versions before 1.25.5. Vulnerability: draft release data or attachments can be accessed without the required write permission due to insufficient permission checks on draft releases. Root cause: inadequate access control for draft releases. Impact: unauthorized read of d...