Skip to main content

Gitea CVE-2026-28705

| EUVDEUVD-2026-41641
Path Traversal (CWE-22)
2026-07-03 Gitea GHSA-7jvx-g65v-r899

Lifecycle Timeline

1
CVE Published
Jul 03, 2026 - 20:19 cve.org
UNKNOWN (no severity yet)

DescriptionCVE.org

Gitea versions before 1.25.5 use release tag names and asset names as filesystem path components when dumping release assets, allowing specially crafted names to affect dump output paths.

Analysis

Gitea versions before 1.25.5 use release tag names and asset names as filesystem path components when dumping release assets, allowing specially crafted names to affect dump output paths.

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Threat intelligence, references, and detailed analysis are available after sign-in.

More in Gitea

View all
CVE-2026-58053 CRITICAL POC
9.4 Jun 28

Container escape in Gitea act_runner (Docker backend, through act 0.262.0) lets an authenticated user with workflow-exec

CVE-2026-27771 HIGH POC
8.2 Jul 03

Broken access control in Gitea's Composer package registry (versions up to and including 1.26.1) lets remote attackers r

CVE-2026-20896 CRITICAL
9.8 Jul 03

Reverse-proxy authentication bypass in the official Gitea Docker image (versions up to and including 1.26.2) allows any

CVE-2026-58426 CRITICAL
9.6 Jul 03

Cross-repository information disclosure and cross-task tampering in Gitea's self-hosted Git server (fixed in v1.26.2) ar

CVE-2026-22874 CRITICAL
9.6 Jul 03

Server-side request forgery in Gitea versions up to and including 1.26.2 lets authenticated users abuse incomplete allow

CVE-2026-58370 CRITICAL
9.2 Jun 30

Approval-gate bypass in Woodpecker CI before 3.15.0 lets an attacker who can open a merge request from a fork against a

CVE-2026-20912 CRITICAL
9.1 Jan 22

Gitea fails to validate repository ownership when linking attachments to releases, allowing users to attach files from o

CVE-2026-20897 CRITICAL
9.1 Jan 22

Gitea fails to validate repository ownership when deleting Git LFS locks, allowing users with write access to one repo t

CVE-2026-20750 CRITICAL
9.1 Jan 22

Gitea does not properly validate project ownership in organization operations, allowing users with project write access

CVE-2026-28737 HIGH
8.7 Jun 17

Stored cross-site scripting in Gitea 1.25.x affects the built-in 3D file viewer (Online3DViewer integration) where a cra

CVE-2026-26231 HIGH
8.5 Jun 16

Authorization bypass in Gitea versions up to and including 1.26.1 allows any authenticated user with mere read access to

CVE-2026-24791 HIGH
8.1 Jun 17

Authorization bypass in Gitea versions 1.22.3 through 1.26.1 allows holders of `public-only` access tokens or OAuth gran

Share

CVE-2026-28705 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy