Gitea versions before 1.25.5 have insufficient visibility checks in organization permission APIs for hidden members and private organizations.
History

Fri, 03 Jul 2026 20:45:00 +0000

Type Values Removed Values Added
Description Gitea versions before 1.25.5 have insufficient visibility checks in organization permission APIs for hidden members and private organizations.
Title Gitea organization permission APIs expose private visibility information
Weaknesses CWE-284
References

cve-icon MITRE

Status: PUBLISHED

Assigner: Gitea

Published:

Updated: 2026-07-03T20:19:32.421Z

Reserved: 2026-03-03T03:25:28.672Z

Link: CVE-2026-25712

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.