235 matches found

Source: CVE (added yesterday, 3 views)

CVE-2026-22547

CVE-2026-22547 affects Gitea versions before 1.25.5. The issue is that repository creation fields lack validation constraints, including length-limited template fields and trust model/object format values, allowing invalid field values. The root cause is insufficient validation in the repository ...

AI score: 5.9
Exploits: 0, References: 4
Source: EUVD (added yesterday, 3 views)

EUVD-2026-41616

Gitea versions before 1.25.5 lack validation constraints for repository creation fields, including length-limited template fields and trust model or object format values...

AI score: 5.9
Exploits: 0, References: 4
Source: Github Security Blog (added 2026/06/17 6:08 p.m., 21 views)

Gitea: API Fork Missing CanCreateOrgRepo Check Allows Org Secret Exfiltration

Summary: The API endpoint POST /api/v1/repos/owner/repo/forks only checks IsOrgMember when a user forks a repository into an organization, but does not check CanCreateOrgRepo. The web UI fork handler correctly checks both. This allows a read-only organization member — in a team with...

CVSS: 8.1, AI score: 6
Exploits: 0, References: 2, Affected software: 1
Source: OSV (added 2026/06/17 6:08 p.m., 4 views)

GHSA-FHX7-M96W-MV29 Gitea: API Fork Missing CanCreateOrgRepo Check Allows Org Secret Exfiltration

Summary: The API endpoint POST /api/v1/repos/owner/repo/forks only checks IsOrgMember when a user forks a repository into an organization, but does not check CanCreateOrgRepo. The web UI fork handler correctly checks both. This allows a read-only organization member — in a team with...

CVSS: 8.1, AI score: 6
Exploits: 0, References: 2
Source: Positive Technologies (added 2026/06/17 12:00 a.m., 13 views)

PT-2026-50583

Name of the Vulnerable Software and Affected Versions: Gitea version 1.23. Description: An authorization inconsistency exists between the web UI and the API regarding repository forking. The API endpoint POST /api/v1/repos/owner/repo/forks fails to verify the CanCreateOrgRepo permission, checking on...

CVSS: 8.1, AI score: 5.9
Exploits: 0, References: 8
Source: Snyk (added 2026/05/18 9:00 p.m., 7 views)

Embedded Malicious Code

Overview: Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...

CVSS: 9.8, AI score: 5.9
Exploits: 0, References: 2
Source: RedhatCVE (added 2026/03/11 7:08 a.m., 7 views)

CVE-2026-30920

OneUptime is a solution for monitoring and managing online services. Prior to 10.0.19, OneUptime's GitHub App callback trusts attacker-controlled state and installationid values and updates Project.gitHubAppInstallationId with isRoot: true without validating that the caller is authorized for the...

CVSS: 8.6, AI score: 5.8, EPSS: 0.00196
Exploits: 1, References: 1
Source: NVD (added 2026/03/10 5:40 p.m., 10 views)

CVE-2026-30920

OneUptime is a solution for monitoring and managing online services. Prior to 10.0.19, OneUptime's GitHub App callback trusts attacker-controlled state and installationid values and updates Project.gitHubAppInstallationId with isRoot: true without validating that the caller is authorized for the...

CVSS: 8.6, EPSS: 0.00196
Exploits: 1, References: 1
Source: Vulnrichment (added 2026/03/09 10:57 p.m., 2 views)

CVE-2026-30920 OneUptime has broken access control in GitHub App installation flow that allows unauthorized project binding

OneUptime is a solution for monitoring and managing online services. Prior to 10.0.19, OneUptime's GitHub App callback trusts attacker-controlled state and installationid values and updates Project.gitHubAppInstallationId with isRoot: true without validating that the caller is authorized for the...

CVSS: 8.6, AI score: 5.8, EPSS: 0.00196
Exploits: 1, References: 1
Source: EUVD (added 2026/03/09 10:57 p.m., 5 views)

EUVD-2026-10433

OneUptime is a solution for monitoring and managing online services. Prior to 10.0.19, OneUptime's GitHub App callback trusts attacker-controlled state and installationid values and updates Project.gitHubAppInstallationId with isRoot: true without validating that the caller is authorized for the...

CVSS: 8.6, AI score: 5.8, EPSS: 0.00196
Exploits: 1, References: 1
Source: Veracode (added 2026/03/02 6:52 p.m., 4 views)

Directory Traversal

mcp-server-git is vulnerable to Directory Traversal. The vulnerability is due to the gitinit tool accepting arbitrary filesystem paths and creating Git repositories without validating the target location, where an attacker can exploit this to create repositories at arbitrary locations, and...

CVSS: 8.8, AI score: 6.1, EPSS: 0.07822
Exploits: 0, References: 3, Affected software: 1
Source: EUVD (added 2025/12/17 10:09 p.m., 4 views)

EUVD-2025-203936

Model Context Protocol Servers is a collection of reference implementations for the model context protocol MCP. In mcp-server-git versions prior to 2025.9.25, the gitinit tool accepted arbitrary filesystem paths and created Git repositories without validating the target location. Unlike other too...

CVSS: 6.5, AI score: 6.3, EPSS: 0.07822
Exploits: 0, References: 3
Source: Vulnrichment (added 2025/12/17 10:09 p.m., 4 views)

CVE-2025-68143 mcp-server-git's unrestricted git_init tool allows repository creation at arbitrary filesystem locations

Model Context Protocol Servers is a collection of reference implementations for the model context protocol MCP. In mcp-server-git versions prior to 2025.9.25, the gitinit tool accepted arbitrary filesystem paths and created Git repositories without validating the target location. Unlike other too...

CVSS: 6.5, AI score: 6.5, EPSS: 0.07822
Exploits: 0, References: 2
Source: Cvelist (added 2025/12/17 10:09 p.m., 20 views)

CVE-2025-68143 mcp-server-git's unrestricted git_init tool allows repository creation at arbitrary filesystem locations

Model Context Protocol Servers is a collection of reference implementations for the model context protocol MCP. In mcp-server-git versions prior to 2025.9.25, the gitinit tool accepted arbitrary filesystem paths and created Git repositories without validating the target location. Unlike other too...

CVSS: 6.5, EPSS: 0.07822
Exploits: 0, References: 2
Source: OSV (added 2025/12/17 10:09 p.m., 7 views)

CVE-2025-68143 mcp-server-git's unrestricted git_init tool allows repository creation at arbitrary filesystem locations

Model Context Protocol Servers is a collection of reference implementations for the model context protocol MCP. In mcp-server-git versions prior to 2025.9.25, the gitinit tool accepted arbitrary filesystem paths and created Git repositories without validating the target location. Unlike other too...

CVSS: 6.5, AI score: 6.8, EPSS: 0.07822
Exploits: 0, References: 4
Source: Snyk (added 2025/12/17 7:49 p.m., 2 views)

Directory Traversal

Overview: mcp-server-git is a Model Context Protocol server providing tools to read, search, and manipulate Git repositories programmatically via LLMs. Affected versions of this package are vulnerable to Directory Traversal via the gitinit tool. An attacker can create repositories at arbitrary...

CVSS: 8.8, AI score: 7.3, EPSS: 0.07822
Exploits: 0, References: 2