CVE-2026-20912 | Gitea up to 1.25.3 Attachment Upload access control (GHSA-vfmv-f93v-37mw)

Inserito da Angelo Barbosa | Gen 23, 2026 | CVE

A vulnerability classified as critical was found in Gitea up to 1.25.3. This vulnerability affects unknown code of the component Attachment Upload Handler. The manipulation results in improper access controls.

This vulnerability is known as CVE-2026-20912. It is possible to launch the attack remotely. No exploit is available.

Upgrading the affected component is advised.

CVE-2026-20912 | Gitea up to 1.25.3 Attachment Upload access control (GHSA-vfmv-f93v-37mw)

Post correlati

CVE-2024-11683 | Newsletter Subscriptions Plugin up to 2.1 on WordPress cross site scripting

CVE-2024-5265 | WPBakery Page Builder Plugin up to 7.6 on WordPress VC Single Image Link Attribute cross site scripting

CVE-2024-34475 | Open5GS up to 2.7.0 NAS Message amf/gmm-sm.c gmm_state_authentication assertion

CVE-2025-10252 | SEAT Queue Ticket Kiosk up to 20250827 Java RMI Registry deserialization