Auth bypass in Gitea Open Source Git Server

CVE-2026-25038

Gitea 1.26.2 allows unauthorized users to access labels of private organizations.

Vulnerability class: Information Disclosure

Affected products

Weakness classification (CWE)

References