Exposure of Gogs

Development

22

exposure score

8

sites use

1

exploited

4

critical

CVEs

23 results

CVE-2025-8110HIGHFile overwrite in file update API in GogsEPSS 76.5%KEV CVE-2024-55947HIGHGogs has a Path Traversal in file update APIEPSS 75.2%CVE-2022-32174CRITICALGogs - XSSEPSS 58.0%CVE-2025-64111CRITICALGogs's update .git/config file allows remote command executionEPSS 1.2%CVE-2024-56731CRITICALGogs deletion of internal files allows remote command executionEPSS 1.0%CVE-2024-54148HIGHGogs has a Path Traversal in file editing UIEPSS 0.8%CVE-2022-31038MEDIUMXSS vulnerability in repository issue list in GogsEPSS 0.7%CVE-2026-24135HIGHGogs vulnerable to arbitrary file deletion via path traversal in wiki page updateEPSS 0.7%CVE-2026-25242MEDIUMGogs allows unauthenticated file uploadsEPSS 0.6%CVE-2026-23633MEDIUMGogs has arbitrary file read/write via path traversal in Git hook editingEPSS 0.5%CVE-2026-25232HIGHGogs has a Protected Branch Deletion Bypass in Web InterfaceEPSS 0.4%CVE-2026-26194HIGHGogs: Release tag option injection in release deletionEPSS 0.4%CVE-2025-64175HIGHGogs Vulnerable to 2FA Bypass via Recovery CodeEPSS 0.4%CVE-2026-22592MEDIUMGogs is Vulnerable to Denial of ServiceEPSS 0.3%CVE-2026-25921CRITICALGogs: Cross-repository LFS object overwrite via missing content hash verificationEPSS 0.3%CVE-2026-26022HIGHGogs: Stored XSS via data URI in issue commentsEPSS 0.3%CVE-2025-47943MEDIUMGogs stored XSS in PDF rendererEPSS 0.3%CVE-2026-23632MEDIUMGogs user can update repository content with read-only permissionEPSS 0.3%CVE-2026-25120MEDIUMGogs Allows Cross-Repository Comment Deletion via DeleteCommentEPSS 0.3%CVE-2026-26196MEDIUMGogs: Access tokens get exposed through URL params in API requestsEPSS 0.3%

← previouspage 1 / 2next →

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →