Description
Gitea versions before 1.25.5 mishandle path resolution during template repository generation, allowing template processing to read or write through symlinked or otherwise non-regular paths.
Published: 2026-07-03
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Gitea versions older than 1.25.5 improperly resolve paths when generating a template repository, allowing a path traversal through symlinks or other non‑regular paths (CWE‑59). This flaw enables an attacker with sufficient access to read arbitrary files on the host or to overwrite files, potentially compromising configuration files, sensitive data, and providing a foothold for further compromise.

Affected Systems

The vulnerability affects all installations of the Gitea Open Source Git Server running any version prior to v1.25.5. Any instance that permits users to generate template repositories—whether in development or production—remains susceptible, regardless of the deployment environment.

Risk and Exploitability

The EPSS score of less than 1% indicates a very low exploitation probability, and the issue is not listed in the CISA KEV catalog, suggesting no confirmed widespread exploitation yet. The likely attack vector is an attacker who can initiate template repository creation within an authenticated Gitea session, as the flaw is exposed through the template generation process; this inference is based on the description that the vulnerability is triggered by template processing. Once triggered, the attacker can read or overwrite files, posing a significant confidentiality and integrity risk to the host filesystem. The attack surface is therefore limited to deployments where template generation is enabled and the user possesses sufficient permissions within Gitea to start that process.

Generated by OpenCVE AI on July 6, 2026 at 09:40 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Gitea to v1.25.5 or later so the path resolution flaw is removed
  • Restrict template repository generation to trusted users or disable the feature entirely in production deployments
  • Audit file permissions in directories accessed by Gitea, removing unnecessary symlinks or non‑regular files, and enforce least privilege on file accesses

Generated by OpenCVE AI on July 6, 2026 at 09:40 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 03 Jul 2026 20:45:00 +0000

Type Values Removed Values Added
Description Gitea versions before 1.25.5 mishandle path resolution during template repository generation, allowing template processing to read or write through symlinked or otherwise non-regular paths.
Title Gitea template repository generation mishandles symlinked paths
Weaknesses CWE-59
References

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: Gitea

Published:

Updated: 2026-07-03T20:19:33.104Z

Reserved: 2026-02-22T15:13:33.721Z

Link: CVE-2026-25718

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-06T01:00:05Z

Weaknesses
  • CWE-59

    Improper Link Resolution Before File Access ('Link Following')