2 matches found
CVE-2026-20909
Gitea (go-gitea/gitea) versions before 1.25.5 are affected by an access control issue in the tracked-time list endpoint, allowing potential disclosure of time-tracking data due to insufficient permission checks. The vulnerability is mitigated by upgrading to version 1.25.5 or higher (as per the l...
PT-2026-55593
Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.25.5 Description Insufficient visibility checks exist within organization permission APIs, which may affect hidden members and private organizations. Recommendations Update to version 1.25.5 or later...