Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-26231

Summary
Assigner-Gitea
Assigner Org ID-88ee5874-cf24-4952-aea0-31affedb7ff2
Published At-03 Jul, 2026 | 20:19
Updated At-03 Jul, 2026 | 20:19
Rejected At-
Credits

Gitea maintainer-edit permissions allow unauthorized commits to readable repositories

Gitea versions up to and including 1.26.1 allow the Allow edits from maintainers permission path to authorize commits to repositories that the user can read but should not be able to write.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Gitea
Assigner Org ID:88ee5874-cf24-4952-aea0-31affedb7ff2
Published At:03 Jul, 2026 | 20:19
Updated At:03 Jul, 2026 | 20:19
Rejected At:
â–¼CVE Numbering Authority (CNA)
Gitea maintainer-edit permissions allow unauthorized commits to readable repositories

Gitea versions up to and including 1.26.1 allow the Allow edits from maintainers permission path to authorize commits to repositories that the user can read but should not be able to write.

Affected Products
Vendor
Gitea
Product
Gitea Open Source Git Server
Default Status
unaffected
Versions
Affected
  • From 0 through 1.26.1 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-863CWE-863
Type: CWE
CWE ID: CWE-863
Description: CWE-863
Metrics
VersionBase scoreBase severityVector
3.18.5HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N
Version: 3.1
Base score: 8.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

reporter
ddd
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/go-gitea/gitea/security/advisories/GHSA-mm7c-rhg6-qr4r
vendor-advisory
https://github.com/go-gitea/gitea/pull/37479
patch
https://github.com/go-gitea/gitea/pull/37484
patch
https://github.com/go-gitea/gitea/releases/tag/v1.26.2
release-notes
https://blog.gitea.com/release-of-1.26.2/
release-notes
Hyperlink: https://github.com/go-gitea/gitea/security/advisories/GHSA-mm7c-rhg6-qr4r
Resource:
vendor-advisory
Hyperlink: https://github.com/go-gitea/gitea/pull/37479
Resource:
patch
Hyperlink: https://github.com/go-gitea/gitea/pull/37484
Resource:
patch
Hyperlink: https://github.com/go-gitea/gitea/releases/tag/v1.26.2
Resource:
release-notes
Hyperlink: https://blog.gitea.com/release-of-1.26.2/
Resource:
release-notes
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:88ee5874-cf24-4952-aea0-31affedb7ff2
Published At:03 Jul, 2026 | 21:16
Updated At:03 Jul, 2026 | 21:16

Gitea versions up to and including 1.26.1 allow the Allow edits from maintainers permission path to authorize commits to repositories that the user can read but should not be able to write.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.18.5HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N
Type: Secondary
Version: 3.1
Base score: 8.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N
CPE Matches

Weaknesses
CWE IDTypeSource
CWE-863Secondary88ee5874-cf24-4952-aea0-31affedb7ff2
CWE ID: CWE-863
Type: Secondary
Source: 88ee5874-cf24-4952-aea0-31affedb7ff2
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://blog.gitea.com/release-of-1.26.2/88ee5874-cf24-4952-aea0-31affedb7ff2
N/A
https://github.com/go-gitea/gitea/pull/3747988ee5874-cf24-4952-aea0-31affedb7ff2
N/A
https://github.com/go-gitea/gitea/pull/3748488ee5874-cf24-4952-aea0-31affedb7ff2
N/A
https://github.com/go-gitea/gitea/releases/tag/v1.26.288ee5874-cf24-4952-aea0-31affedb7ff2
N/A
https://github.com/go-gitea/gitea/security/advisories/GHSA-mm7c-rhg6-qr4r88ee5874-cf24-4952-aea0-31affedb7ff2
N/A
Hyperlink: https://blog.gitea.com/release-of-1.26.2/
Source: 88ee5874-cf24-4952-aea0-31affedb7ff2
Resource: N/A
Hyperlink: https://github.com/go-gitea/gitea/pull/37479
Source: 88ee5874-cf24-4952-aea0-31affedb7ff2
Resource: N/A
Hyperlink: https://github.com/go-gitea/gitea/pull/37484
Source: 88ee5874-cf24-4952-aea0-31affedb7ff2
Resource: N/A
Hyperlink: https://github.com/go-gitea/gitea/releases/tag/v1.26.2
Source: 88ee5874-cf24-4952-aea0-31affedb7ff2
Resource: N/A
Hyperlink: https://github.com/go-gitea/gitea/security/advisories/GHSA-mm7c-rhg6-qr4r
Source: 88ee5874-cf24-4952-aea0-31affedb7ff2
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

11Records found

CVE-2026-27780
Matching Score-6
Assigner-Gitea Limited
ShareView Details
Matching Score-6
Assigner-Gitea Limited
CVSS Score-Not Assigned
EPSS-Not Assigned
Published-03 Jul, 2026 | 20:19
Updated-03 Jul, 2026 | 21:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Gitea pre-receive hook can miss branch-protection checks after scanner errors

Gitea versions before 1.26.0 do not fail closed on bufio.Scanner errors while processing pre-receive hook input, allowing oversized input to bypass branch-protection checks.

Action-Not Available
Vendor-Gitea
Product-Gitea Open Source Git Server
CWE ID-CWE-863
Incorrect Authorization
CVE-2026-27761
Matching Score-6
Assigner-Gitea Limited
ShareView Details
Matching Score-6
Assigner-Gitea Limited
CVSS Score-4.3||MEDIUM
EPSS-Not Assigned
Published-03 Jul, 2026 | 20:19
Updated-03 Jul, 2026 | 21:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Gitea repository feeds bypass API token scope enforcement

Gitea versions up to and including 1.26.2 allow repository RSS and Atom feed endpoints to bypass API access token scope checks, exposing private repository commit data to tokens without the required repository scope.

Action-Not Available
Vendor-Gitea
Product-Gitea Open Source Git Server
CWE ID-CWE-863
Incorrect Authorization
CVE-2026-27775
Matching Score-6
Assigner-Gitea Limited
ShareView Details
Matching Score-6
Assigner-Gitea Limited
CVSS Score-Not Assigned
EPSS-Not Assigned
Published-03 Jul, 2026 | 20:19
Updated-03 Jul, 2026 | 21:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Gitea pre-receive hook permission cache allows full repository write access

Gitea 1.25.5 caches a branch-specific write-permission result across multiple refs in one pre-receive hook session, allowing a per-branch maintainer-edit grant to be reused for other refs and escalate to full repository write access.

Action-Not Available
Vendor-Gitea
Product-Gitea Open Source Git Server
CWE ID-CWE-863
Incorrect Authorization
CVE-2026-28699
Matching Score-6
Assigner-Gitea Limited
ShareView Details
Matching Score-6
Assigner-Gitea Limited
CVSS Score-8.1||HIGH
EPSS-Not Assigned
Published-03 Jul, 2026 | 20:19
Updated-03 Jul, 2026 | 21:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Gitea Basic Auth bypasses OAuth2 access token scopes

Gitea versions up to and including 1.26.1 allow OAuth2 access token scope enforcement to be bypassed through HTTP Basic authentication.

Action-Not Available
Vendor-Gitea
Product-Gitea Open Source Git Server
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-863
Incorrect Authorization
CVE-2026-28740
Matching Score-6
Assigner-Gitea Limited
ShareView Details
Matching Score-6
Assigner-Gitea Limited
CVSS Score-7.1||HIGH
EPSS-Not Assigned
Published-03 Jul, 2026 | 20:19
Updated-03 Jul, 2026 | 21:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Gitea LFS object reuse bypasses Code-unit authorization

Gitea versions up to and including 1.26.2 allow Git LFS object reuse to authorize private source objects for users who have repository access but lack Code-unit access.

Action-Not Available
Vendor-Gitea
Product-Gitea Open Source Git Server
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CWE ID-CWE-863
Incorrect Authorization
CVE-2026-28744
Matching Score-6
Assigner-Gitea Limited
ShareView Details
Matching Score-6
Assigner-Gitea Limited
CVSS Score-8.1||HIGH
EPSS-Not Assigned
Published-03 Jul, 2026 | 20:19
Updated-03 Jul, 2026 | 21:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Gitea Git smart HTTP bypasses repository token scopes for bearer tokens

Gitea versions up to and including 1.26.1 allow Git smart HTTP requests authenticated with bearer tokens to bypass repository token scope checks.

Action-Not Available
Vendor-Gitea
Product-Gitea Open Source Git Server
CWE ID-CWE-863
Incorrect Authorization
CVE-2026-58424
Matching Score-6
Assigner-Gitea Limited
ShareView Details
Matching Score-6
Assigner-Gitea Limited
CVSS Score-8.9||HIGH
EPSS-Not Assigned
Published-03 Jul, 2026 | 20:54
Updated-03 Jul, 2026 | 21:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Permanent Fork PR Workflow Approval Gate Bypass

Permanent Fork PR Workflow Approval Gate Bypass

Action-Not Available
Vendor-Gitea
Product-Gitea Open Source Git Server
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CWE ID-CWE-863
Incorrect Authorization
CVE-2025-68941
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.24% / 14.79%
||
7 Day CHG~0.00%
Published-26 Dec, 2025 | 02:31
Updated-02 Jan, 2026 | 19:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Gitea before 1.22.3 mishandles access to a private resource upon receiving an API token with scope limited to public resources.

Action-Not Available
Vendor-giteaGitea
Product-giteaGitea
CWE ID-CWE-863
Incorrect Authorization
CVE-2025-68938
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.35% / 26.91%
||
7 Day CHG~0.00%
Published-26 Dec, 2025 | 01:19
Updated-02 Jan, 2026 | 19:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Gitea before 1.25.2 mishandles authorization for deletion of releases.

Action-Not Available
Vendor-giteaGitea
Product-giteaGitea
CWE ID-CWE-863
Incorrect Authorization
CVE-2025-68940
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-3.1||LOW
EPSS-0.25% / 16.30%
||
7 Day CHG~0.00%
Published-26 Dec, 2025 | 02:14
Updated-02 Jan, 2026 | 19:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Gitea before 1.22.5, branch deletion permissions are not adequately enforced after merging a pull request.

Action-Not Available
Vendor-giteaGitea
Product-giteaGitea
CWE ID-CWE-863
Incorrect Authorization
CVE-2020-5240
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.6||HIGH
EPSS-0.80% / 52.26%
||
7 Day CHG~0.00%
Published-13 Mar, 2020 | 21:20
Updated-04 Aug, 2024 | 08:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
2FA bypass through deleting devices in wagtail-2fa

In wagtail-2fa before 1.4.1, any user with access to the CMS can view and delete other users 2FA devices by going to the correct path. The user does not require special permissions in order to do so. By deleting the other users device they can disable the target users 2FA devices and potentially compromise the account if they figure out their password. The problem has been patched in version 1.4.1.

Action-Not Available
Vendor-labdigitalLab Digital
Product-wagtail-2fawagtail-2fa
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-863
Incorrect Authorization
Details not found