gogs

Top products

The 15 most recently published vulnerabilities affecting gogs.

• CVE-2026-26276Gogs: DOM-based XSS via milestone selection7.3Mar 5, 2026
• CVE-2026-26196Gogs: Access tokens get exposed through URL params in API requests5.3Mar 5, 2026
• CVE-2026-26195Gogs: Stored XSS in branch and wiki views through author and committer names6.1Mar 5, 2026
• CVE-2026-26194Gogs: Release tag option injection in release deletion7.3Mar 5, 2026
• CVE-2026-25921Gogs: Cross-repository LFS object overwrite via missing content hash verification9.3Mar 5, 2026
• CVE-2026-26022Gogs: Stored XSS via data URI in issue comments8.7Mar 5, 2026
• CVE-2026-25229Gogs Authorization Bypass Allows Cross-Repository Label Modification6.5Feb 19, 2026
• CVE-2026-25242Gogs allows unauthenticated file uploads9.8Feb 19, 2026
• CVE-2026-25232Gogs has a Protected Branch Deletion Bypass in Web Interface8.8Feb 19, 2026
• CVE-2026-25120Gogs Allows Cross-Repository Comment Deletion via DeleteComment2.7Feb 19, 2026
• CVE-2026-24135Gogs vulnerable to arbitrary file deletion via path traversal in wiki page update8.1Feb 6, 2026
• CVE-2026-23633Gogs has arbitrary file read/write via path traversal in Git hook editing6.5Feb 6, 2026
• CVE-2026-23632Gogs user can update repository content with read-only permission6.5Feb 6, 2026
• CVE-2026-22592Gogs is Vulnerable to Denial of Service6.5Feb 6, 2026
• CVE-2025-64175Gogs Vulnerable to 2FA Bypass via Recovery Code8.8Feb 6, 2026