CVE-2026-22874

Summary

Gitea versions up to and including 1.26.2 have incomplete SSRF protection in webhook and migration allow-list filtering.

Affected Software

VendorProductVersion RangeStatus
GiteaGitea Open Source Git Server0 <= 1.26.2affected

Weaknesses

  • CWE-918: CWE-918

References