CVE-2026-26196
Gogs is an open source self-hosted Git service. Prior to version 0.14.2, gogs api still accepts tokens in url params like token and accesstoken, which can leak through logs, browser history, and referrers. This issue has been patched in version 0.14.2...