CVE-2026-26231
HIGH (8.5) CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N
Risk Signal Score: 26/100 — MEDIUM
- CVSS 8.5 — High
EPSS score
0%
Exploit probability (30 days)
CVSS Score
8.5
Technical severity
Description
Gitea versions up to and including 1.26.1 allow the "Allow edits from maintainers" permission path to authorize commits to repositories that the user can read but should not be able to write.
GitHub Advisories
GHSA-mm7c-rhg6-qr4r HIGH
Gitea: Authorization Bypass via "Allow edits from maintainers" allows unauthorized commits to any readable repo
go/code.gitea.io/gitea → 1.26.2
GitHub Advisory