CVE-2026-25038
Gitea 1.26.2 exposes private organization labels to unauthorized users. Root cause and exact vectors are not detailed in the provided documents; however, the issue is addressed in the 1.26.3/1.26.4 releases (see release notes and security advisories). Remediation: upgrade to a version containing ...