Vulnerability in Gitea Open Source Git Server

CVE-2026-25718

Gitea versions before 1.25.5 mishandle path resolution during template repository generation, allowing template processing to read or write through symlinked or otherwise non-regular paths.

Affected products

Weakness classification (CWE)

References