Gitea Latest Vulnerabilities

Repository Ownership Validation Issue in Gitea by Gitea

CVE-2026-20912

GiteaGitea Open Source Git ...9.1CRITICAL

OpenID Visibility Manipulation in Gitea by Authenticated Users

CVE-2026-20904

GiteaGitea Open Source Git ...6.5MEDIUM

Repository Ownership Validation Flaw in Gitea by Gitea

CVE-2026-20897

GiteaGitea Open Source Git ...9.1CRITICAL

Authorization Flaw in Gitea Affects Scheduled Auto-Merge Functionality

CVE-2026-20888

GiteaGitea Open Source Git ...4.3MEDIUM

Access Control Flaw in Gitea's Stopwatch API

CVE-2026-20883

GiteaGitea Open Source Git ...6.5MEDIUM

Access Control Flaw in Gitea Notification API

CVE-2026-20800

GiteaGitea Open Source Git ...6.5MEDIUM

Project Ownership Validation Flaw in Gitea by Gitea

CVE-2026-20750

GiteaGitea Open Source Git ...9.1CRITICAL

Inadequate Attachment Deletion Verification in Gitea by Gitea

CVE-2026-20736

GiteaGitea Open Source Git ...7.5HIGH

Email Notification Flaw in Gitea Affects Private Repository Security

CVE-2026-0798

GiteaGitea Open Source Git ...3.5LOW

Authentication Response Discrepancy in Gitea by Gitea

CVE-2025-69413

GiteaGitea5.3MEDIUM

Cross-Site Scripting Vulnerability in Gitea by Gitea Team

CVE-2025-68946

GiteaGitea5.4MEDIUM

Unauthorized Access Vulnerability in Gitea by Gitea

CVE-2025-68945

GiteaGitea5.8MEDIUM

Access Control Vulnerability in Gitea by Gitea Team

CVE-2025-68944

GiteaGitea5MEDIUM

User Login Time Disclosure in Gitea

CVE-2025-68943

GiteaGitea5.3MEDIUM

Cross-Site Scripting Vulnerability in Gitea by Gitea Team

CVE-2025-68942

GiteaGitea5.4MEDIUM

Access Control Flaw in Gitea Affects Privileged Resource Management

CVE-2025-68941

GiteaGitea4.9MEDIUM

Insufficient Branch Deletion Permissions in Gitea by Gitea Team

CVE-2025-68940

GiteaGitea3.1LOW

File Extension Manipulation Vulnerability in Gitea by Gitea Team

CVE-2025-68939

GiteaGitea8.2HIGH

Authorization Flaw in Gitea Affects Release Deletion

CVE-2025-68938

GiteaGitea4.3MEDIUM

Gitea Open Source Git Server Stored XSS Vulnerability

CVE-2024-6886

GiteaGitea Open Source Git ...EPSS 16%

Code Repository Cloning Vulnerability in Gitea by Gitea

CVE-2022-38795

GiteaGitea6.5MEDIUM

Open Redirect in go-gitea/gitea

CVE-2023-3515

Go-giteaGo-gitea/gitea4.4MEDIUM

Git Backend Vulnerability in Gitea Product from Gitea

CVE-2022-42968

GiteaGitea9.8CRITICAL

Improper Access Control in Gitea Web-Based Platform

CVE-2022-38183

GiteaGitea6.5MEDIUM

Cross-site Scripting (XSS) - Stored in go-gitea/gitea

CVE-2022-1928

Go-giteaGo-gitea/gitea4.4MEDIUM

gitea Latest Vulnerabilities

Vulnerability Published:

Sort By:

22 January 2026

Repository Ownership Validation Issue in Gitea by Gitea

OpenID Visibility Manipulation in Gitea by Authenticated Users

Repository Ownership Validation Flaw in Gitea by Gitea

Authorization Flaw in Gitea Affects Scheduled Auto-Merge Functionality

Access Control Flaw in Gitea's Stopwatch API

Access Control Flaw in Gitea Notification API

Project Ownership Validation Flaw in Gitea by Gitea

Inadequate Attachment Deletion Verification in Gitea by Gitea

Email Notification Flaw in Gitea Affects Private Repository Security

1 January 2026

Authentication Response Discrepancy in Gitea by Gitea

26 December 2025

Cross-Site Scripting Vulnerability in Gitea by Gitea Team

Unauthorized Access Vulnerability in Gitea by Gitea

Access Control Vulnerability in Gitea by Gitea Team

User Login Time Disclosure in Gitea

Cross-Site Scripting Vulnerability in Gitea by Gitea Team

Access Control Flaw in Gitea Affects Privileged Resource Management

Insufficient Branch Deletion Permissions in Gitea by Gitea Team

File Extension Manipulation Vulnerability in Gitea by Gitea Team

Authorization Flaw in Gitea Affects Release Deletion

6 August 2024

Gitea Open Source Git Server Stored XSS Vulnerability

7 August 2023

Code Repository Cloning Vulnerability in Gitea by Gitea

5 July 2023

Open Redirect in go-gitea/gitea

16 October 2022

Git Backend Vulnerability in Gitea Product from Gitea

12 August 2022

Improper Access Control in Gitea Web-Based Platform

29 May 2022

Cross-site Scripting (XSS) - Stored in go-gitea/gitea