Buffer Overflow Vulnerability in Gitea Branch Protection Mechanism
CVE-2026-27780
Currently unrated
What is CVE-2026-27780?
In Gitea versions before 1.26.0, a vulnerability weakens the branch protection mechanism. Specifically, the application does not properly handle errors returned by bufio.Scanner while it processes input for pre-receive hooks. As a result, oversized inputs can bypass the established branch protection checks, potentially leading to unauthorized changes. Users are encouraged to upgrade to version 1.26.0 or later to mitigate this risk.
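The failure mode described above, shown as an added Go example (not Gitea's code): a line-oriented check that ignores the error from bufio.Scanner treats an over-long line as end of input, beside a version that fails closed. The function names, the 64-byte limit, the protected ref and the sample input are assumptions made for the demonstration; the "<old> <new> <ref>" line layout is the one git feeds to pre-receive hooks.

```go
package main

import (
	"bufio"
	"errors"
	"fmt"
	"strings"
)

// Demo assumptions: 64-byte line limit, hypothetical protected ref.
const maxLine, protected = 64, "refs/heads/main"
var errDenied = errors.New("protected branch: update rejected")

// scanUpdates reads "<old> <new> <ref>" lines. verdict is errDenied if a line
// updates the protected ref; readErr is the scanner's terminal error.
func scanUpdates(input string) (verdict, readErr error) {
	sc := bufio.NewScanner(strings.NewReader(input))
	sc.Buffer(make([]byte, 0, maxLine), maxLine)
	for sc.Scan() { // returns false at EOF and on error alike
		if f := strings.Fields(sc.Text()); len(f) == 3 && f[2] == protected {
			return errDenied, nil
		}
	}
	return nil, sc.Err() // bufio.ErrTooLong when a line exceeds maxLine
}

// Flawed: the scanner error is dropped, so an over-long line looks like EOF
// and every later line goes unchecked.
func checkIgnoringErr(input string) error {
	verdict, _ := scanUpdates(input)
	return verdict
}

// Hardened: unreadable hook input rejects the push (fail closed).
func checkFailClosed(input string) error {
	verdict, readErr := scanUpdates(input)
	if readErr != nil {
		return fmt.Errorf("hook input unreadable, rejecting: %w", readErr)
	}
	return verdict
}

// constructedInput is sample data: an over-long line, then a protected update.
func constructedInput() string {
	return "0 1 refs/heads/" + strings.Repeat("x", 2*maxLine) + "\n0 1 " + protected + "\n"
}

func main() {
	fmt.Println(checkIgnoringErr(constructedInput()), "|", checkFailClosed(constructedInput()))
}
```

The same review point applies to any hook or policy code built on bufio.Scanner: a loop over Scan() that is not followed by a check of Err() cannot tell a clean end of input from a read failure.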
Affected Version(s)
Gitea Open Source Git Server: versions from 0 up to (but not including) 1.26.0
