Description

Gitea may send release notification emails for private repositories to users whose access has been revoked. When a repository is changed from public to private, users who previously watched the repository may continue to receive release notifications, potentially disclosing release titles, tags, and content.

INFO

Published Date :

2026-01-22T22:01:49.410Z

Last Modified :

2026-01-23T16:49:04.309Z

Source :

Gitea
AFFECTED PRODUCTS

The following products are affected by CVE-2026-0798 vulnerability.

Vendors Products
Gitea
  • Gitea
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-0798.

URL Resource
https://blog.gitea.com/release-of-1.25.4/ cve-icon cve-icon cve-icon
https://github.com/go-gitea/gitea/pull/36319 cve-icon cve-icon cve-icon
https://github.com/go-gitea/gitea/releases/tag/v1.25.4 cve-icon cve-icon cve-icon
https://github.com/go-gitea/gitea/security/advisories/GHSA-f4wq-6ww5-m56p cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-0798 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-0798 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact