Vendor
high
advisory
Gitea: Multiple Vulnerabilities Leading to XSS, Info Disclosure, and File Manipulation
4 TTPsAn attacker can exploit multiple unpatched vulnerabilities in Gitea to bypass security measures, disclose sensitive information, perform Cross-Site Scripting (XSS) attacks, and manipulate files, posing a high risk to self-hosted Git instances.
Gitea
web-exploitation
vulnerability
4t
high
advisory
Gitea Security Bypass Vulnerability
1 TTPA remote, unauthenticated attacker can exploit a vulnerability in Gitea to bypass existing security measures, potentially leading to unauthorized access, privilege escalation, or data manipulation within the application.
Gitea
vulnerability
web-application
defense-evasion
1t
medium
advisory
Gitea Unauthenticated Container Registry Access (CVE-2026-27771)
2 rules 1 TTPA vulnerability in Gitea's built-in container registry (CVE-2026-27771) allows unauthenticated attackers to pull private container images, potentially exposing source code, secrets, and production infrastructure details, affecting over 30,000 deployments.
Gitea +1
vulnerability
container registry
access control
cloud
git
2r
1t