CVE-2026-27771
HIGH SEVERITYCVSS Score & Metrics
Base Score
8.2 / 10
Vector String
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Vulnerability Description
Gitea versions up to and including 1.26.1 have insufficient permission checks for Composer package source links, which can expose private or internal package source information.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-862
Source
NVD
Vendor
Gitea
Product
Gitea Open Source Git Server
Discussion (0)
Add Comment
No comments yet. Be the first!