CVE-2026-25718

Summary

Gitea versions before 1.25.5 mishandle path resolution during template repository generation, allowing template processing to read or write through symlinked or otherwise non-regular paths.

Affected Software

VendorProductVersion RangeStatus
GiteaGitea Open Source Git Server0 < 1.25.5affected

Weaknesses

  • CWE-59: Improper Link Resolution Before File Access ('Link Following')

References