Two months after Rapid7 discovered the hole in the Git service, the project maintainer has yet to patch the bug. A newly discovered and so far unpatched critical vulnerability in the open source Gogs ...
Attackers are actively exploiting a zero-day bug in Gogs, a popular self-hosted Git service, and the open source project doesn't yet have a fix.… More than 700 instances have been compromised in the ...
A vulnerability in self-hosted Git service Gogs is facing widespread exploitation, and no patch is available at this time. That's according to Wiz, which on Dec. 10 published research disclosing ...
CISA added Gogs CVE-2025-8110 to its Known Exploited Vulnerabilities catalog Critical symlink bypass enables unauthenticated Remote Code Execution via PutContents API Over 700 Gogs servers compromised ...
In addition to security researchers, a US security authority is now also warning of attacks on self-hosted Git service servers based on Gogs. Admins who self-host Git service servers with Gogs should ...