FLAT-5QECL (CVE-2026-52816)
Reflected cross-site scripting (XSS) In gogs.io/gogs
2.4
Low
Ecosystem: Go
Package: gogs.io/gogs
FLAT-3ERCD (CVE-2026-52815)
Business information leak In gogs.io/gogs
2.7
Low
Ecosystem: Go
Package: gogs.io/gogs
FLAT-8BQTE (CVE-2026-52814)
Asymmetric denial of service In gogs.io/gogs
2.7
Low
Ecosystem: Go
Package: gogs.io/gogs
FLAT-LTGWH (CVE-2026-52813)
Lack of data validation - Path Traversal In gogs.io/gogs
8.4
High
Ecosystem: Go
Package: gogs.io/gogs
FLAT-JA9JB (CVE-2026-52812)
Improper authorization control for web services In gogs.io/gogs
4.9
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-EK3SB (CVE-2026-52811)
Lack of data validation - Path Traversal In gogs.io/gogs
6.1
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-E8WGK (CVE-2026-52810)
Improper authorization control for web services In gogs.io/gogs
5.0
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-IB6BD (CVE-2026-52809)
Insecure session management In gogs.io/gogs
5.7
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-AEHND (CVE-2026-52808)
Excessive privileges In gogs.io/gogs
4.0
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-EQXBS (CVE-2026-52807)
Server side cross-site scripting In gogs.io/gogs
3.6
Low
Ecosystem: Go
Package: gogs.io/gogs
FLAT-YCHDQ (CVE-2026-52806)
Server side template injection In gogs.io/gogs
6.1
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-7KYBQ (CVE-2026-52805)
Server-side request forgery (SSRF) In gogs.io/gogs
5.9
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-CL89S (CVE-2026-52804)
Insecure functionality In gogs.io/gogs
4.8
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-Y7YYV (CVE-2026-52802)
Uncontrolled external site redirect In gogs.io/gogs
1.2
Low
Ecosystem: Go
Package: gogs.io/gogs
FLAT-QY9HG (CVE-2026-52801)
Lack of data validation In gogs.io/gogs
5.7
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-BAXTF (CVE-2026-52800)
Account Takeover In gogs.io/gogs
6.1
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-OZS9P (CVE-2026-52799)
Improper authorization control for web services In gogs.io/gogs
6.3
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-ZMWMU (CVE-2026-52798)
Server side cross-site scripting In gogs.io/gogs
7.2
High
Ecosystem: Go
Package: gogs.io/gogs
FLAT-DT9CM (CVE-2026-52796)
Server side template injection In gogs.io/gogs
0.6
Low
Ecosystem: Go
Package: gogs.io/gogs
FLAT-JWZG5 (CVE-2026-47267)
Server-side request forgery (SSRF) In gogs.io/gogs
9.0
Critical
Ecosystem: Go
Package: gogs.io/gogs
FLAT-H3VQW (CVE-2026-25119)
Spoofing In gogs.io/gogs
6.6
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-HBG5J (CVE-2025-64719)
Lack of data validation In gogs.io/gogs
3.8
Low
Ecosystem: Go
Package: gogs.io/gogs
FLAT-HWPVY (GHSA-6vxv-wg6j-5qwp)
Lack of data validation - Path Traversal In gogs.io/gogs
6.0
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-817BW (CVE-2026-52797)
Lack of data validation - Path Traversal In gogs.io/gogs
4.3
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-6FBXP (CVE-2026-26276)
Server side cross-site scripting In gogs.io/gogs
5.6
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-0A2XE (CVE-2026-26196)
Out-of-bounds read In gogs.io/gogs
2.7
Low
Ecosystem: Go
Package: gogs.io/gogs
FLAT-0S38A (CVE-2026-26195)
Server side cross-site scripting In gogs.io/gogs
2.7
Low
Ecosystem: Go
Package: gogs.io/gogs
FLAT-J2YCA (CVE-2026-26194)
Insecure functionality In gogs.io/gogs
6.7
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-HSXCA (CVE-2026-26022)
Server side cross-site scripting In gogs.io/gogs
5.6
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-YPNWE (CVE-2026-25921)
Insufficient data authenticity validation In gogs.io/gogs
7.8
High
Ecosystem: Go
Package: gogs.io/gogs
FLAT-TIO9O (CVE-2026-25242)
Improper authorization control for web services In gogs.io/gogs
2.7
Low
Ecosystem: Go
Package: gogs.io/gogs
FLAT-LHDM3 (CVE-2026-25232)
Authentication mechanism absence or evasion In gogs.io/gogs
4.9
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-6ZPAQ (CVE-2026-25229)
Improper authorization control for web services In gogs.io/gogs
1.3
Low
Ecosystem: Go
Package: gogs.io/gogs
FLAT-0G596 (CVE-2026-25120)
Improper authorization control for web services In gogs.io/gogs
1.2
Low
Ecosystem: Go
Package: gogs.io/gogs
FLAT-TTR99 (CVE-2025-65852)
Improper authorization control for web services In gogs.io/gogs
5.1
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-HDU93 (GHSA-26gq-grmh-6xm6)
Server side cross-site scripting In gogs.io/gogs
5.9
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-HZFTL (CVE-2026-24135)
Lack of data validation - Path Traversal In gogs.io/gogs
5.1
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-CVXDV (CVE-2026-23633)
Lack of data validation - Path Traversal In gogs.io/gogs
5.8
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-V0XR5 (CVE-2026-23632)
Improper authorization control for web services In gogs.io/gogs
5.7
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-O9KIN (CVE-2026-22592)
Improper authorization control for web services In gogs.io/gogs
3.8
Low
Ecosystem: Go
Package: gogs.io/gogs
FLAT-6MRSO (CVE-2025-64175)
Authentication mechanism absence or evasion In gogs.io/gogs
5.2
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-QO3LI (CVE-2025-64111)
Remote command execution In gogs.io/gogs
8.1
High
Ecosystem: Go
Package: gogs.io/gogs
FLAT-GHYLJ (CVE-2025-8110)
Lack of data validation - Path Traversal In gogs.io/gogs
6.3
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-63HML (CVE-2024-56731)
Local file inclusion In gogs.io/gogs
9.1
Critical
Ecosystem: Go
Package: gogs.io/gogs
FLAT-7T1P9 (CVE-2024-39930)
Insecure functionality In gogs.io/gogs
7.7
High
Ecosystem: Go
Package: gogs.io/gogs
FLAT-XIAOH (CVE-2024-39932)
Server side template injection In gogs.io/gogs
9.1
Critical
Ecosystem: Go
Package: gogs.io/gogs
FLAT-GNNNO (CVE-2024-39931)
Local file inclusion In gogs.io/gogs
7.6
High
Ecosystem: Go
Package: gogs.io/gogs
FLAT-89K4S (CVE-2024-39933)
Insecure functionality In gogs.io/gogs
5.7
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-62UKM (CVE-2024-55947)
Lack of data validation - Path Traversal In gogs.io/gogs
6.3
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-7INBP (CVE-2024-54148)
Lack of data validation - Path Traversal In gogs.io/gogs
6.3
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-5Z3BM (CVE-2024-44625)
Lack of data validation - Path Traversal In gogs.io/gogs
6.3
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-DO8T7 (CVE-2022-2024)
OS Command Injection In gogs.io/gogs
5.2
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-TJUXY (CVE-2022-32174)
Server side cross-site scripting In gogs.io/gogs
6.1
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-M3B81 (CVE-2022-1993)
Lack of data validation - Path Traversal In gogs.io/gogs
6.2
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-X1M14 (CVE-2022-1986)
OS Command Injection In gogs.io/gogs
8.1
High
Ecosystem: Go
Package: gogs.io/gogs
FLAT-K2AIX (CVE-2022-31038)
Server side cross-site scripting In gogs.io/gogs
1.2
Low
Ecosystem: Go
Package: gogs.io/gogs
FLAT-LLDKL (CVE-2022-1992)
Lack of data validation - Path Traversal In gogs.io/gogs
6.8
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-M2HIB (CVE-2022-1285)
Server-side request forgery (SSRF) In gogs.io/gogs
2.7
Low
Ecosystem: Go
Package: gogs.io/gogs
FLAT-6FYHD (CVE-2021-32546)
OS Command Injection In gogs.io/gogs
1.1
Low
Ecosystem: Go
Package: gogs.io/gogs
FLAT-DS4MM (CVE-2022-1884)
OS Command Injection In gogs.io/gogs
9.1
Critical
Ecosystem: Go
Package: gogs.io/gogs
FLAT-17LIS (GHSA-pj96-4jhv-v792)
Reflected cross-site scripting (XSS) In gogs.io/gogs
1.3
Low
Ecosystem: Go
Package: gogs.io/gogs
FLAT-60TSY (CVE-2022-1464)
Server side cross-site scripting In gogs.io/gogs
1.2
Low
Ecosystem: Go
Package: gogs.io/gogs
FLAT-OJV64 (CVE-2018-17031)
Reflected cross-site scripting (XSS) In gogs.io/gogs
1.3
Low
Ecosystem: Go
Package: gogs.io/gogs
FLAT-FPVIG (CVE-2018-20303)
Lack of data validation - Path Traversal In gogs.io/gogs
6.6
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-3V2BP (CVE-2022-0415)
Insecure file upload In gogs.io/gogs
6.3
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-S6GEX (CVE-2022-0871)
Improper authorization control for web services In gogs.io/gogs
6.7
Medium
Ecosystem: Go
Package: gogs.io/gogs
FLAT-MLVN4 (GHSA-q347-cg56-pcq4)
Server-side request forgery (SSRF) In gogs.io/gogs
1.3
Low
Ecosystem: Go
Package: gogs.io/gogs
FLAT-71IQU (CVE-2022-0870)
Server-side request forgery (SSRF) In gogs.io/gogs
1.3
Low
Ecosystem: Go
Package: gogs.io/gogs
FLAT-85CWT (GHSA-65f3-3278-7m65)
Improper authorization control for web services In gogs.io/gogs
0.0
None
Ecosystem: Go
Package: gogs.io/gogs
FLAT-PD7PV (CVE-2014-8683)
Server side cross-site scripting In gogs.io/gogs
1.3
Low
Ecosystem: Go
Package: gogs.io/gogs
FLAT-TVCFD (CVE-2014-8682)
NoSQL injection In gogs.io/gogs
2.7
Low
Ecosystem: Go
Package: gogs.io/gogs
FLAT-2J8KJ (CVE-2018-15178)
Uncontrolled external site redirect In gogs.io/gogs
1.3
Low
Ecosystem: Go
Package: gogs.io/gogs
FLAT-5MCYG (CVE-2020-14958)
Excessive privileges In gogs.io/gogs
2.7
Low
Ecosystem: Go
Package: gogs.io/gogs
FLAT-BLF1R (CVE-2019-14544)
Sensitive information sent insecurely In gogs.io/gogs
8.1
High
Ecosystem: Go
Package: gogs.io/gogs