Back to CVE List

CVE-2026-26232

Vulnerability Description

Gitea versions before 1.25.5 do not consistently enforce OAuth2 authorization code expiry and single-use behavior during token exchange.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-294
Source
NVD
Vendor
Gitea
Product
Gitea Open Source Git Server

External References

Discussion (0)

Add Comment

No comments yet. Be the first!