Resource Consumption Vulnerability in Gitea by Vendor Gitea
CVE-2026-26307

Currently unrated

Key Information:

Vendor

Gitea

Vendor
CVE Published:
3 July 2026

What is CVE-2026-26307?

Gitea versions prior to 1.25.5 are vulnerable due to a lack of enforced timeout on git grep searches. This oversight allows excessively long-running searches to exhaust server resources, potentially leading to performance degradation or service disruption. Users and administrators should upgrade to version 1.25.5 or later to mitigate this issue and ensure optimal server performance.

Affected Version(s)

Gitea Open Source Git Server 0 < 1.25.5

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

uug4na
.