Gitea
Security Scorecard
Score
100A
Total CVEs
8
Patch Rate
100%
8 patched
Avg Response
-
days to patch
Critical Gaps
0
exploitable, no detection
Severity Breakdown
Critical3
High1
Medium4
Low0
Patch Status
Patched8 (100%)
Partial/Workaround0 (0%)
Unpatched0 (0%)
CVEs (8)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2026-20736 | CVE-2026-20736 | High | 7.5 | - | Patched |
| CVE-2026-20750 | CVE-2026-20750 | Critical | 9.1 | - | Patched |
| CVE-2026-20883 | Gitea Stopwatch API Privilege Escalation | Medium | 6.5 | - | Patched |
| CVE-2026-20897 | CVE-2026-20897 | Critical | 9.1 | - | Patched |
| CVE-2026-20904 | CVE-2026-20904 | Medium | 6.5 | - | Patched |
| CVE-2026-20912 | Gitea Repository Attachment Link Vulnerability | Critical | 9.1 | - | Patched |
| CVE-2025-68943 | Gitea Login Time Disclosure | Medium | 5.3 | - | Patched |
| CVE-2025-68944 | Gitea Package Registry Scope Mishandling | Medium | 5.0 | - | Patched |