Exposure of Gogs
Development
44 exposure score
8 sites use
1 exploited
7 critical
CVEs
47 results
CVE-2026-25229 | MEDIUM | Gogs Authorization Bypass Allows Cross-Repository Label Modification | EPSS 0.3%
CVE-2026-52800 | HIGH | Gogs: CSRF Leading to Organization Owner Takeover | EPSS 0.2%
CVE-2026-52812 | HIGH | Gogs: LFS dedupe path leaks private repo content across tenants | EPSS 0.2%
CVE-2026-52809 | MEDIUM | Gogs: Password-reset tokens use account-activation lifetime, ignoring RESET_PASSWORD_CODE_LIVES | EPSS 0.2%
CVE-2026-26195 | MEDIUM | Gogs: Stored XSS in branch and wiki views through author and committer names | EPSS 0.2%
CVE-2026-26276 | HIGH | Gogs: DOM-based XSS via milestone selection | EPSS 0.2%
CVE-2026-52795 | MEDIUM | Gogs: Authorization Bypass in Watch API allows any user to monitor private repository activity | EPSS 0.2%