| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Gitea | Gitea Open Source Git Server | ≤ 1.26.1 | affected |
| CVE | CVSS score | Severity | Summary |
|---|---|---|---|
| CVE-2026-20896 | 9.8 | Critical | Gitea Docker image trusts spoofable reverse-proxy headers by default |
| CVE-2026-58426 | 9.6 | Critical | Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read |
| CVE-2026-22874 | 9.6 | Critical | Gitea webhook and migration allow-list filtering permits SSRF |
| CVE-2026-58424 | 8.9 | High | Permanent fork PR workflow approval gate bypass |
| CVE-2026-28737 | 8.7 | High | Gitea 3D file viewer allows stored XSS through glTF extensionsRequired |
| CVE-2026-26231 | 8.5 | High | Gitea maintainer-edit permissions allow unauthorized commits to readable repositories |
| CVE-2026-28744 | 8.1 | High | Gitea Git smart HTTP bypasses repository token scopes for bearer tokens |
| CVE-2026-22555 | 8.1 | High | Gitea organization forks can expose organization secrets without create permission |
| CVE-2026-58423 | 7.7 | High | LFS authentication bypass via malformed SSH sub-verb allows unauthorized read access to pr |
| CVE-2026-28740 | 7.1 | High | Gitea LFS object reuse bypasses Code-unit authorization |
| CVE-2026-20779 | 7.1 | High | Gitea TOTP single-use enforcement defect allows OTP replay |
| CVE-2026-58418 | 6.5 | Medium | SSRF via HTTP redirect in repository migration |
| CVE-2026-27783 | 4.3 | Medium | Gitea issue-template APIs bypass repository unit authorization |
| CVE-2026-27761 | 4.3 | Medium | Gitea repository feeds bypass API token scope enforcement |
| CVE-2026-25714 | 4.3 | Medium | Gitea user organization API bypasses public-only token filtering |
| CVE-2026-20706 | | | Gitea repository archive downloads bypass token scope checks |
| CVE-2026-20909 | | | Gitea tracked-time list endpoint has insufficient permission checks |
| CVE-2026-58421 | | | Unauthenticated ReDoS via CODEOWNERS pattern matching allows denial of service |
| CVE-2026-58419 | | | Notification API leaks private issue metadata after access revocation |
| CVE-2026-58422 | | | Improper authorization on OAuth sign-in callback silently re-enables administrator-disable |
Showing top 20 of 40 CVEs.