Exposure of Gogs
Development44
exposure score
8
sites use
1
exploited
7
critical
CVEs
47 resultsCVE-2026-52811CRITICALGogs: UploadRepoFiles writes outside repo working tree via committed parent symEPSS 0.5%CVE-2026-23633MEDIUMGogs has arbitrary file read/write via path traversal in Git hook editingEPSS 0.5%CVE-2025-64719MEDIUMGogs: Denial of Service in repository/wiki file listing web pagesEPSS 0.4%CVE-2026-25232HIGHGogs has a Protected Branch Deletion Bypass in Web InterfaceEPSS 0.4%CVE-2026-26194HIGHGogs: Release tag option injection in release deletionEPSS 0.4%CVE-2026-52798HIGHGogs: Stored XSS in `.ipynb` PreviewEPSS 0.4%CVE-2026-52810HIGHGogs: Write to readonly repositories using receive-pack + service=git-upload-pack confusionEPSS 0.4%CVE-2025-64175HIGHGogs Vulnerable to 2FA Bypass via Recovery CodeEPSS 0.4%CVE-2026-52799HIGHGogs: Missing Authorization in Attachment DownloadEPSS 0.4%CVE-2026-47267HIGHGogs: SSRF in webhook deliveriesEPSS 0.4%CVE-2026-52805HIGHGogs: Migration Redirect Bypass Leads to Internal Repository TheftEPSS 0.4%CVE-2026-52797HIGHGogs: Overwriting critical files results in a denial of serviceEPSS 0.4%CVE-2026-22592MEDIUMGogs is Vulnerable to Denial of ServiceEPSS 0.3%CVE-2026-25921CRITICALGogs: Cross-repository LFS object overwrite via missing content hash verificationEPSS 0.3%CVE-2026-26022HIGHGogs: Stored XSS via data URI in issue commentsEPSS 0.3%CVE-2025-47943MEDIUMGogs stored XSS in PDF rendererEPSS 0.3%CVE-2026-52796LOWGogs: DoS in rendering issue index patternEPSS 0.3%CVE-2026-23632MEDIUMGogs user can update repository content with read-only permissionEPSS 0.3%CVE-2026-25120MEDIUMGogs Allows Cross-Repository Comment Deletion via DeleteCommentEPSS 0.3%CVE-2026-26196MEDIUMGogs: Access tokens get exposed through URL params in API requestsEPSS 0.3%
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →