Gitea versions up to and including 1.26.1 allow the Allow edits from maintainers permission path to authorize commits to repositories that the user can read but should not be able to write.
References
Configurations
No configuration.
History
07 Jul 2026, 18:16
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://github.com/go-gitea/gitea/security/advisories/GHSA-mm7c-rhg6-qr4r - |
03 Jul 2026, 21:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-07-03 21:16
Updated : 2026-07-07 18:16
NVD link : CVE-2026-26231
Mitre link : CVE-2026-26231
CVE.ORG link : CVE-2026-26231
JSON object : View
Products Affected
No product.
CWE
CWE-863
Incorrect Authorization
