HarborGuardharborguardDatabase
Back to search
HIGHCVE-2026-58423Published Modified CNA Gitea

CVE-2026-58423: LFS authentication bypass via malformed SSH sub-verb allows unauthorized read access to private repositories

LFS authentication bypass via malformed SSH sub-verb allows unauthorized read access to private repositories

Metrics

CVSS v3.1
7.7
Severity
HIGH
Fixed in
Affected Products
1

Get notified

Email me when this CVE is updated: new fix versions, severity changes, or any record change.

Affected packages
  • Gitea / Gitea Open Source Git Server
    ≤ 1.26.2
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N