Security Vulnerabilities - CVEs Published In January 2026
In Gitea before 1.25.2, /api/v1/user has different responses for failed authentication depending on whether a username exists.
CVSS Score
5.3
EPSS Score
0.001
Published
2026-01-01
Page 24