5 matches found

CVE
added 2 days ago, 30 views

CVE-2026-27783

CVE-2026-27783 affects Gitea versions up to 1.26.1. The vulnerability arises because the issue_templates, issue_config, and issue_config/validate endpoints do not enforce repository-unit authorization, allowing callers with any repository unit (e.g., Issues) to read Code-tree files from the repos...

CVSS 4.3, AI score 7.1, EPSS 0.00283
Exploits: 0, References: 5
ATTACKERKB
added 2 days ago, 3 views

CVE-2026-27783

Gitea versions up to and including 1.26.1 do not enforce repository-unit authorization on issue-template API endpoints...

CVSS 4.3, AI score 5.9, EPSS 0.00283
Exploits: 0, References: 6
OSV
added 2026/06/25 6:26 p.m., 3 views

GO-2026-5081 Gitea: Missing repository-unit authorization on issue-template API endpoints in code.gitea.io/gitea

Gitea: Missing repository-unit authorization on issue-template API endpoints in code.gitea.io/gitea...

CVSS 4.3, AI score 5.8, EPSS 0.00283
Exploits: 0, References: 1
OSV
added 2025/06/23 9:31 p.m., 3 views

GHSA-8GFF-CF92-72PV pyspur Incomplete Filtering of Special Elements allowed by SingleLLMCallNode function

A vulnerability was found in PySpur-Dev pyspur up to 0.1.18. It has been classified as critical. Affected is the function SingleLLMCallNode of the file backend/pyspur/nodes/llm/singlellmcall.py of the component Jinja2 Template Handler. The manipulation of the argument usermessage leads to imprope...

CVSS 6.3, AI score 7.1, EPSS 0.0032
Exploits: 0, References: 6
UbuntuCve
added 2021/10/05 1:15 p.m., 21 views

CVE-2021-39888

In all versions of GitLab EE starting from 13.10 before 14.1.7, all versions starting from 14.2 before 14.2.5, and all versions starting from 14.3 before 14.3.1 a specific API endpoint may reveal details about a private group and other sensitive info inside issue and merge request templates...

CVSS 4.3, AI score 5.8, EPSS 0.01007
Exploits: 1, References: 4