CVE-2026-58426: Critical Vulnerability in Gitea Actions Allows Unauthorized Data Access


This text was generated using artificial intelligence (AI).On the widely used, self-hosted Git platform Gitea A critical security vulnerability with a CVSS score of 9.6 (Critically) disclosed. The vulnerability, according to the security advisory GHSA-hg5r-vq93-9fv6 as CVE-2026-58426 This vulnerability affects the Gitea Actions feature. It allows authenticated attackers with low privileges to bypass security boundaries between different projects in order to access sensitive build artifacts and manipulate their upload status. A security update to address the issue is available.