Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

CVE-2026-52795— Gogs: Authorization Bypass in Watch API allows any user to monitor private repository activity

CVSS 4.3 · Medium EPSS 0.17% · P6

Possible ATT&CK Techniques 1AI

T1530 · Data from Cloud Storage

Affected Version Matrix 1

VendorProductVersion RangeStatus
gogsgogs<= 0.14.3affected
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-52795

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Gogs: Authorization Bypass in Watch API allows any user to monitor private repository activity
Source: NVD (National Vulnerability Database)
Vulnerability Description
Gogs is an open source self-hosted Git service. In 0.14.3 and earlier, any authenticated user can watch a private repository they have no access to, because the access check in the Watch API handler is inverted. The code checks if repoCtx.ViewerCanRead() (returns 404 when the user CAN read) instead of if !repoCtx.ViewerCanRead() (return 404 when the user CANNOT read). Once watching, the attacker's dashboard activity feed shows commit messages, branch names, issue titles, and PR details from the private repository. If email notifications are enabled, the attacker also receives emails containing issue and comment content.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
授权机制不正确
Source: NVD (National Vulnerability Database)
Vulnerability Title
Gogs 授权问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Gogs是Gogs团队开源的一个源代码管理软件。 Gogs 0.14.3及之前版本存在授权问题漏洞,该漏洞源于Watch API处理器中的访问检查逻辑反转。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
gogsgogs <= 0.14.3 -

II. Public POCs for CVE-2026-52795

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-52795

登录查看更多情报信息。

Patches & Fixes for CVE-2026-52795 (1)

Vendor Advisories for CVE-2026-52795 (1)

Same Patch Batch · gogs · 2026-06-24 · 24 CVEs total

CVE-2026-5281310.0 CRITICALGogs: Path Traversal in organization name results in RCE through Git hooks
CVE-2026-528069.9 CRITICALGogs: RCE via git rebase --exec argument injection in pull request merge
CVE-2026-527988.9 HIGHGogs: Stored XSS in `.ipynb` Preview
CVE-2026-528008.8 HIGHGogs: CSRF Leading to Organization Owner Takeover
CVE-2026-528058.7 HIGHGogs: Migration Redirect Bypass Leads to Internal Repository Theft
CVE-2026-527978.5 HIGHGogs: Overwriting critical files results in a denial of service
CVE-2026-472678.3 HIGHGogs: SSRF in webhook deliveries
CVE-2026-528018.1 HIGHGogs: Ability to import local repositories via Mirror Settings
CVE-2026-527997.5 HIGHGogs: Missing Authorization in Attachment Download
CVE-2026-528087.1 HIGHGogs: Write-level collaborators can mutate admin-only repository settings via API
CVE-2026-528096.8 MEDIUMGogs: Password-reset tokens use account-activation lifetime, ignoring RESET_PASSWORD_CODE_
CVE-2026-528025.4 MEDIUMGogs: Open Redirect via redirect_to in Gogs
CVE-2025-647194.9 MEDIUMGogs: Denial of Service in repository/wiki file listing web pages
CVE-2026-527963.5 LOWGogs: DoS in rendering issue index pattern
CVE-2026-52810Gogs: Write to readonly repositories using receive-pack + service=git-upload-pack confusio
CVE-2026-52814Gogs: Unauthenticated Asymmetric Denial of Service (DoS) via SSH Handshake Stall (File Des
CVE-2026-52807Gogs: DOM-based XSS via Milestone Name on New Issue Page
CVE-2026-52812Gogs: LFS dedupe path leaks private repo content across tenants
CVE-2026-52804Gogs: Privilege Escalation via Collaboration Access Mode Validation
CVE-2026-52816Gogs: Unauthenticated Jupyter Notebook (ipynb) Sanitizer allows arbitrary data: URIs leadi

Showing top 20 of 24 CVEs. View all on vendor page &rarr; →

IV. Related Vulnerabilities

V. Comments for CVE-2026-52795

No comments yet


Leave a comment