-
Byte Open Security
(ByteOS Network)
Log In
Sign Up
CVE Vulnerability Details :
CVE-2026-25038
PUBLISHED
More Info
Official Page
Assigner
-
Gitea
Assigner Org ID
-
88ee5874-cf24-4952-aea0-31affedb7ff2
View Known Exploited Vulnerability (KEV) details
Published At
-
03 Jul, 2026 | 20:19
Updated At
-
03 Jul, 2026 | 20:19
Rejected At
-
▼
CVE Numbering Authority (CNA)
Gitea private organization labels are visible to unauthorized users
Gitea 1.26.2 allows unauthorized users to access labels of private organizations.
Affected Products
Vendor
Gitea
Product
Gitea Open Source Git Server
Default Status
unaffected
Versions
Affected
1.26.2
(semver)
Problem Types
Type
CWE ID
Description
CWE
CWE-200
CWE-200
CWE
CWE-862
CWE-862
Type:
CWE
CWE ID:
CWE-200
Description:
CWE-200
Type:
CWE
CWE ID:
CWE-862
Description:
CWE-862
Metrics
Version
Base score
Base severity
Vector
Metrics Other Info
Impacts
CAPEC ID
Description
Solutions
Configurations
Workarounds
Exploits
Credits
reporter
ybsun0215
Timeline
Event
Date
Replaced By
Rejected Reason
References
Hyperlink
Resource
https://github.com/go-gitea/gitea/security/advisories/GHSA-v73x-hx65-6pf4
vendor-advisory
https://github.com/go-gitea/gitea/pull/38151
patch
https://github.com/go-gitea/gitea/releases/tag/v1.26.3
release-notes
https://blog.gitea.com/release-of-1.26.3-and-1.26.4/
release-notes
Hyperlink:
https://github.com/go-gitea/gitea/security/advisories/GHSA-v73x-hx65-6pf4
Resource:
vendor-advisory
Hyperlink:
https://github.com/go-gitea/gitea/pull/38151
Resource:
patch
Hyperlink:
https://github.com/go-gitea/gitea/releases/tag/v1.26.3
Resource:
release-notes
Hyperlink:
https://blog.gitea.com/release-of-1.26.3-and-1.26.4/
Resource:
release-notes
Details not found