Gitea CVE-2026-27775

EUVD ID: EUVD-2026-41636
Incorrect Authorization (CWE-863)
2026-07-03 Gitea

Lifecycle Timeline

1. CVE Published: Jul 03, 2026, 20:19 (source: cve.org). Severity: UNKNOWN (no severity yet).

Description (source: CVE.org)

Gitea 1.25.5 caches a branch-specific write-permission result across multiple refs in one pre-receive hook session, allowing a per-branch maintainer-edit grant to be reused for other refs and escalate to full repository write access.
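As an added illustration (not Gitea's code; the ACL model, ref names and function names are constructed), the Go sketch below contrasts a session-wide cache of the first ref's permission result, which is the pattern the description names, with a per-ref decision, the invariant a pre-receive check has to keep when one push session touches several refs:

```go
package main

// Constructed model of the flaw, not Gitea's code: a per-branch maintainer-edit
// grant allows writes to one ref only, while a single pre-receive hook session
// may carry updates for several refs.
type Grant struct{ User, Ref string }

type RepoACL struct {
	Writers []string // users with full repository write access
	Grants  []Grant  // per-branch maintainer-edit grants
}

func (a RepoACL) canWrite(user, ref string) bool {
	for _, w := range a.Writers {
		if w == user {
			return true
		}
	}
	for _, g := range a.Grants {
		if g.User == user && g.Ref == ref {
			return true
		}
	}
	return false
}

// checkRefsVulnerable mirrors the described bug: the first ref's permission
// result is cached for the whole session and reused for every later ref.
func checkRefsVulnerable(acl RepoACL, user string, refs []string) map[string]bool {
	out := map[string]bool{}
	cached, allowed := false, false
	for _, ref := range refs {
		if !cached {
			allowed, cached = acl.canWrite(user, ref), true
		}
		out[ref] = allowed
	}
	return out
}

// checkRefsFixed decides each ref on its own; if a cache is wanted at all, it
// must be keyed by (user, ref) so a branch grant never leaks to another ref.
func checkRefsFixed(acl RepoACL, user string, refs []string) map[string]bool {
	out := map[string]bool{}
	for _, ref := range refs {
		out[ref] = acl.canWrite(user, ref) // evaluated per ref, never reused
	}
	return out
}
```

With a grant limited to a PR branch, the cached variant lets the same session also update the default branch, while the per-ref variant denies it; ref order decides the outcome only in the cached variant, which is the tell-tale sign of this class of bug.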

CVE-2026-27775 vulnerability details – vuln.today