12 matches found
CVE-2026-27761
Gitea versions up to and including 1.26.2 allow repository RSS and Atom feed endpoints to bypass API access token scope checks, exposing private repository commit data to tokens without the required repository scope...
CVE-2026-20706
Gitea versions up to and including 1.26.1 allow repository archive downloads to bypass token scope checks on the web archive download endpoint...
CVE-2026-28699
Gitea versions up to and including 1.26.1 allow OAuth2 access token scope enforcement to be bypassed through HTTP Basic authentication...
CVE-2026-28699 Gitea Basic Auth bypasses OAuth2 access token scopes
Gitea versions up to and including 1.26.1 allow OAuth2 access token scope enforcement to be bypassed through HTTP Basic authentication...
CVE-2026-27761 Gitea repository feeds bypass API token scope enforcement
Gitea versions up to and including 1.26.2 allow repository RSS and Atom feed endpoints to bypass API access token scope checks, exposing private repository commit data to tokens without the required repository scope...
CVE-2026-27761
Gitea versions up to and including 1.26.2 expose private repository commit data via RSS/Atom feed endpoints by bypassing API access token scope checks. This affects feeds that do not enforce repository scope, allowing tokens without repository scope to access private data. Public references indic...
GO-2026-5334 Gitea: Token scope bypass on web archive download endpoint in code.gitea.io/gitea
Gitea: Token scope bypass on web archive download endpoint in code.gitea.io/gitea...
PT-2026-50584
Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.26.2 Description Authenticated self routes under the /api/v1/user/... group do not properly enforce the public-only token restriction. This allows a token or OAuth grant marked as public-only to access or modify priva...
PT-2026-50138
Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.26.1 Description In the Git Smart HTTP path, the system fails to enforce repository-scoped access-token permissions when tokens are provided via Bearer authentication. While the CheckRepoScopedToken function is design...
CVE-2026-40103
Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, Vikunja's scoped API token enforcement for custom project background routes is method-confused. A token with only projects.background can successfully delete a project background, while a token with only...
CVE-2026-40103 Vikunja's Scoped API tokens with projects.background permission can delete project backgrounds
Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, Vikunja's scoped API token enforcement for custom project background routes is method-confused. A token with only projects.background can successfully delete a project background, while a token with only...
CVE-2025-14025
CVE-2025-14025 affects Red Hat Ansible Automation Platform (AAP) where read-only OAuth2 tokens bypass gateway write restrictions, enabling write operations to backend services (Controller, Hub, EDA) limited only by RBAC. The issue is fixed via Red Hat advisories RHSA-2026:0360/0361, which note a ...