CVE-2026-26231

Gitea versions up to and including 1.26.1 allow the Allow edits from maintainers permission path to authorize commits to repositories that the user can read but should not be able to write.
Configurations

No configuration.

History

07 Jul 2026, 18:16

Type Values Removed Values Added
References () https://github.com/go-gitea/gitea/security/advisories/GHSA-mm7c-rhg6-qr4r - () https://github.com/go-gitea/gitea/security/advisories/GHSA-mm7c-rhg6-qr4r -

03 Jul 2026, 21:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-07-03 21:16

Updated : 2026-07-07 18:16


NVD link : CVE-2026-26231

Mitre link : CVE-2026-26231

CVE.ORG link : CVE-2026-26231


JSON object : View

Products Affected

No product.

CWE
CWE-863

Incorrect Authorization