Gitea — Vulnerabilities & Security Advisories 22

Browse all 22 CVE security advisories affecting Gitea. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Gitea:Gitea Gitea Open Source Git Server

CVE ID	Title	CVSS	Severity	Published
CVE-2026-20897	Gitea Git LFS Lock Deletion Broken Access Control (Cross-Repo IDOR) — Gitea Open Source Git ServerCWE-284	6.5^AI	Medium^AI	2026-01-22
CVE-2026-20904	Gitea: Broken access control in OpenID visibility toggle enables cross-user visibility changes — Gitea Open Source Git ServerCWE-284	4.3^AI	Medium^AI	2026-01-22
CVE-2026-20912	Gitea: Cross-Repository Authorization Bypass via Release Attachment Linking Leads to Private Attachment Disclosure — Gitea Open Source Git ServerCWE-284	7.5^AI	High^AI	2026-01-22
CVE-2026-20888	Gitea Pull Requests Auto-Merge: Read-Only Users Can Cancel Scheduled Auto-Merge via Web Endpoint (Authorization Bypass) — Gitea Open Source Git ServerCWE-284	4.3^AI	Medium^AI	2026-01-22
CVE-2026-20883	Gitea Stopwatch API Missing Authorization Check Leads to Post-Revocation Information Disclosure — Gitea Open Source Git ServerCWE-284	5.3^AI	Medium^AI	2026-01-22
CVE-2026-20736	Gitea Web Attachment Deletion: Cross-Repository Unauthorized Deletion via Missing Repo Ownership Check — Gitea Open Source Git ServerCWE-284	6.5^AI	Medium^AI	2026-01-22
CVE-2026-20800	Notification API Leaks Private Repository Issue Titles After Collaborator Permission Revocation — Gitea Open Source Git ServerCWE-200	5.4^AI	Medium^AI	2026-01-22
CVE-2026-20750	Gitea Organization Projects Cross-Organization Authorization Bypass via Project ID (IDOR) — Gitea Open Source Git ServerCWE-284	6.5^AI	Medium^AI	2026-01-22
CVE-2026-0798	Gitea Release Email Notifications Leak Private Repository Release Details After Access Revocation — Gitea Open Source Git ServerCWE-284	3.5^AI	Low^AI	2026-01-22
CVE-2025-69413	Gitea 安全漏洞 — GiteaCWE-204	5.3	Medium	2026-01-01
CVE-2025-68946	Gitea 安全漏洞 — GiteaCWE-79	5.4	Medium	2025-12-26
CVE-2025-68945	Gitea 安全漏洞 — GiteaCWE-359	5.8	Medium	2025-12-26
CVE-2025-68944	Gitea 安全漏洞 — GiteaCWE-441	5.0	Medium	2025-12-26
CVE-2025-68943	Gitea 安全漏洞 — GiteaCWE-497	5.3	Medium	2025-12-26
CVE-2025-68942	Gitea 安全漏洞 — GiteaCWE-79	5.4	Medium	2025-12-26
CVE-2025-68941	Gitea 安全漏洞 — GiteaCWE-863	4.9	Medium	2025-12-26
CVE-2025-68940	Gitea 安全漏洞 — GiteaCWE-863	3.1	Low	2025-12-26
CVE-2025-68939	Gitea 安全漏洞 — GiteaCWE-424	8.2	High	2025-12-26
CVE-2025-68938	Gitea 安全漏洞 — GiteaCWE-863	4.3	Medium	2025-12-26
CVE-2024-6886	Inproper Sanitation of field leading to stored XSS — Gitea Open Source Git ServerCWE-79	5.4^AI	Medium^AI	2024-08-06
CVE-2019-1010261	Gitea 跨站脚本漏洞 — Gitea	6.1	-	2019-07-18
CVE-2019-1010314	Gitea 跨站脚本漏洞 — Gitea	6.1	-	2019-07-11

This page lists every published CVE security advisory associated with Gitea. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

Gitea — Vulnerabilities & Security Advisories 22