Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-23632

Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, the endpoint "PUT /repos/:owner/:repo/contents/*" does not require write permissions and allows access with read permission only via repoAssignment(). After passing the permission check, PutContents() invokes UpdateRepoFile(), which results in commit creation and the execution of git push. As a result, a token with read-only permission can be used to modify repository contents. This issue has been patched in versions 0.13.4 and 0.14.0+dev.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.2%
CVSS Severity
CVSS v3 Score 6.5
Products affected by CVE-2026-23632
  • Gogs » Gogs » Version: N/A
    cpe:2.3:a:gogs:gogs:-
  • Gogs » Gogs » Version: 0.10
    cpe:2.3:a:gogs:gogs:0.10
  • Gogs » Gogs » Version: 0.10.1
    cpe:2.3:a:gogs:gogs:0.10.1
  • Gogs » Gogs » Version: 0.10.18
    cpe:2.3:a:gogs:gogs:0.10.18
  • Gogs » Gogs » Version: 0.10.8
    cpe:2.3:a:gogs:gogs:0.10.8
  • Gogs » Gogs » Version: 0.11
    cpe:2.3:a:gogs:gogs:0.11
  • Gogs » Gogs » Version: 0.11.19
    cpe:2.3:a:gogs:gogs:0.11.19
  • Gogs » Gogs » Version: 0.11.29
    cpe:2.3:a:gogs:gogs:0.11.29
  • Gogs » Gogs » Version: 0.11.33
    cpe:2.3:a:gogs:gogs:0.11.33
  • Gogs » Gogs » Version: 0.11.34
    cpe:2.3:a:gogs:gogs:0.11.34
  • Gogs » Gogs » Version: 0.11.4
    cpe:2.3:a:gogs:gogs:0.11.4
  • Gogs » Gogs » Version: 0.11.43
    cpe:2.3:a:gogs:gogs:0.11.43
  • Gogs » Gogs » Version: 0.11.53
    cpe:2.3:a:gogs:gogs:0.11.53
  • Gogs » Gogs » Version: 0.11.66
    cpe:2.3:a:gogs:gogs:0.11.66
  • Gogs » Gogs » Version: 0.11.79
    cpe:2.3:a:gogs:gogs:0.11.79
  • Gogs » Gogs » Version: 0.11.82.1218
    cpe:2.3:a:gogs:gogs:0.11.82.1218
  • Gogs » Gogs » Version: 0.11.86
    cpe:2.3:a:gogs:gogs:0.11.86
  • Gogs » Gogs » Version: 0.11.91
    cpe:2.3:a:gogs:gogs:0.11.91
  • Gogs » Gogs » Version: 0.12
    cpe:2.3:a:gogs:gogs:0.12
  • Gogs » Gogs » Version: 0.12.10
    cpe:2.3:a:gogs:gogs:0.12.10
  • Gogs » Gogs » Version: 0.12.11
    cpe:2.3:a:gogs:gogs:0.12.11
  • Gogs » Gogs » Version: 0.12.13
    cpe:2.3:a:gogs:gogs:0.12.13
  • Gogs » Gogs » Version: 0.12.2
    cpe:2.3:a:gogs:gogs:0.12.2
  • Gogs » Gogs » Version: 0.12.3
    cpe:2.3:a:gogs:gogs:0.12.3
  • Gogs » Gogs » Version: 0.12.4
    cpe:2.3:a:gogs:gogs:0.12.4
  • Gogs » Gogs » Version: 0.12.5
    cpe:2.3:a:gogs:gogs:0.12.5
  • Gogs » Gogs » Version: 0.12.6
    cpe:2.3:a:gogs:gogs:0.12.6
  • Gogs » Gogs » Version: 0.12.7
    cpe:2.3:a:gogs:gogs:0.12.7
  • Gogs » Gogs » Version: 0.12.8
    cpe:2.3:a:gogs:gogs:0.12.8
  • Gogs » Gogs » Version: 0.12.9
    cpe:2.3:a:gogs:gogs:0.12.9
  • Gogs » Gogs » Version: 0.13.0
    cpe:2.3:a:gogs:gogs:0.13.0
  • Gogs » Gogs » Version: 0.13.1
    cpe:2.3:a:gogs:gogs:0.13.1
  • Gogs » Gogs » Version: 0.13.2
    cpe:2.3:a:gogs:gogs:0.13.2
  • Gogs » Gogs » Version: 0.13.3
    cpe:2.3:a:gogs:gogs:0.13.3
  • Gogs » Gogs » Version: 0.2.0
    cpe:2.3:a:gogs:gogs:0.2.0
  • Gogs » Gogs » Version: 0.3.0
    cpe:2.3:a:gogs:gogs:0.3.0
  • Gogs » Gogs » Version: 0.3.1
    cpe:2.3:a:gogs:gogs:0.3.1
  • Gogs » Gogs » Version: 0.4.0
    cpe:2.3:a:gogs:gogs:0.4.0
  • Gogs » Gogs » Version: 0.4.1
    cpe:2.3:a:gogs:gogs:0.4.1
  • Gogs » Gogs » Version: 0.4.2
    cpe:2.3:a:gogs:gogs:0.4.2
  • Gogs » Gogs » Version: 0.5.0
    cpe:2.3:a:gogs:gogs:0.5.0
  • Gogs » Gogs » Version: 0.5.11
    cpe:2.3:a:gogs:gogs:0.5.11
  • Gogs » Gogs » Version: 0.5.13
    cpe:2.3:a:gogs:gogs:0.5.13
  • Gogs » Gogs » Version: 0.5.2
    cpe:2.3:a:gogs:gogs:0.5.2
  • Gogs » Gogs » Version: 0.5.5
    cpe:2.3:a:gogs:gogs:0.5.5
  • Gogs » Gogs » Version: 0.5.8
    cpe:2.3:a:gogs:gogs:0.5.8
  • Gogs » Gogs » Version: 0.5.9
    cpe:2.3:a:gogs:gogs:0.5.9
  • Gogs » Gogs » Version: 0.6.0
    cpe:2.3:a:gogs:gogs:0.6.0
  • Gogs » Gogs » Version: 0.6.1
    cpe:2.3:a:gogs:gogs:0.6.1
  • Gogs » Gogs » Version: 0.6.15
    cpe:2.3:a:gogs:gogs:0.6.15
  • Gogs » Gogs » Version: 0.6.3
    cpe:2.3:a:gogs:gogs:0.6.3
  • Gogs » Gogs » Version: 0.6.5
    cpe:2.3:a:gogs:gogs:0.6.5
  • Gogs » Gogs » Version: 0.6.9
    cpe:2.3:a:gogs:gogs:0.6.9
  • Gogs » Gogs » Version: 0.7.0
    cpe:2.3:a:gogs:gogs:0.7.0
  • Gogs » Gogs » Version: 0.7.19
    cpe:2.3:a:gogs:gogs:0.7.19
  • Gogs » Gogs » Version: 0.7.22
    cpe:2.3:a:gogs:gogs:0.7.22
  • Gogs » Gogs » Version: 0.7.33
    cpe:2.3:a:gogs:gogs:0.7.33
  • Gogs » Gogs » Version: 0.7.6
    cpe:2.3:a:gogs:gogs:0.7.6
  • Gogs » Gogs » Version: 0.8.0
    cpe:2.3:a:gogs:gogs:0.8.0
  • Gogs » Gogs » Version: 0.8.10
    cpe:2.3:a:gogs:gogs:0.8.10
  • Gogs » Gogs » Version: 0.8.25
    cpe:2.3:a:gogs:gogs:0.8.25
  • Gogs » Gogs » Version: 0.8.43
    cpe:2.3:a:gogs:gogs:0.8.43
  • Gogs » Gogs » Version: 0.9.0
    cpe:2.3:a:gogs:gogs:0.9.0
  • Gogs » Gogs » Version: 0.9.113
    cpe:2.3:a:gogs:gogs:0.9.113
  • Gogs » Gogs » Version: 0.9.128
    cpe:2.3:a:gogs:gogs:0.9.128
  • Gogs » Gogs » Version: 0.9.13
    cpe:2.3:a:gogs:gogs:0.9.13
  • Gogs » Gogs » Version: 0.9.141
    cpe:2.3:a:gogs:gogs:0.9.141
  • Gogs » Gogs » Version: 0.9.46
    cpe:2.3:a:gogs:gogs:0.9.46
  • Gogs » Gogs » Version: 0.9.48
    cpe:2.3:a:gogs:gogs:0.9.48
  • Gogs » Gogs » Version: 0.9.60
    cpe:2.3:a:gogs:gogs:0.9.60
  • Gogs » Gogs » Version: 0.9.71
    cpe:2.3:a:gogs:gogs:0.9.71
  • Gogs » Gogs » Version: 0.9.97
    cpe:2.3:a:gogs:gogs:0.9.97


Products
Pricing
Contact Us

Shodan ® - All rights reserved