Unauthorized Commit Authorization in Gitea by Gitea
CVE-2026-26231
8.5 HIGH
What is CVE-2026-26231?
Gitea versions up to and including 1.26.1 mishandle permissions, allowing maintainers to grant unauthorized commit access to repositories. This flaw can enable users to make commits in repositories they are only permitted to read, potentially compromising the integrity of the code. Proper access controls are crucial for maintaining repository security and preventing unauthorized modifications.
Affected Version(s)
Gitea Open Source Git Server: versions from 0 up to and including 1.26.1
