Unauthenticated ReDoS in Gitea by Go-Gitea
CVE-2026-58421
Currently unrated
What is CVE-2026-58421?
A vulnerability has been identified in Gitea that allows an unauthenticated attacker to cause a denial of service through the pattern matching applied to the CODEOWNERS file. Attackers can craft malicious inputs that, when processed, may cause excessive resource consumption and disrupt service availability. This issue especially impacts users of Gitea versions 1.26.3 and 1.26.4, and timely remediation through updates is recommended to maintain system integrity.
Affected Version(s)
Gitea Open Source Git Server 0 < 1.26.2
