CVE Field Guide
About Us
CVE-2026-25038
PUBLISHED
Gitea private organization labels are visible to unauthorized users
Assigner:
Gitea
Reserved:
03.03.2026
Published:
03.07.2026
Updated:
03.07.2026
Gitea 1.26.2 allows unauthorized users to access labels of private organizations.
Product Status
Vendor
Gitea
Product
Gitea Open Source Git Server
Versions
Default:
unaffected
Version 1.26.2 is affected
Credits
ybsun0215
reporter
References
GitHub Security Advisory
GitHub Pull Request #38151
Gitea v1.26.3 Release
Gitea v1.26.4 Release Blog Post
Problem Types
CWE-200
CWE
CWE-862
CWE