CVE-2026-27657
Gitea · Gitea Open Source Git Server
Gitea versions before 1.25.5 contain an authorization bypass vulnerability allowing an attacker to modify the primary email address of other users.
Executive summary
A critical authorization bypass vulnerability in Gitea Open Source Git Server allows unauthorized modification of user account information, posing a significant risk to account integrity.
Vulnerability
This vulnerability is categorized as CWE-639 (Authorization Bypass Through User-Controlled Key). It permits an unauthenticated attacker to manipulate the primary email settings of arbitrary users, effectively enabling account takeover vectors.
Business impact
The vulnerability carries a CVSS score of 7.5, indicating a high severity risk. Successful exploitation could allow malicious actors to hijack user accounts by modifying primary email addresses, leading to unauthorized access to sensitive source code repositories and potentially facilitating further lateral movement within the development environment.
Remediation
Immediate Action: Upgrade all Gitea instances to version 1.25.5 or later immediately to resolve the authorization flaw.
Proactive Monitoring: Review audit logs for unusual account modifications, specifically looking for unexpected changes to user profile email addresses or suspicious administrative activity.
Compensating Controls: Implement strict network access controls to limit exposure of the Gitea interface to untrusted networks and utilize a Web Application Firewall (WAF) to block anomalous HTTP requests targeting profile management endpoints.
Exploitation status
Public Exploit Available: false
Analyst recommendation
Given the high impact of authorization bypass vulnerabilities in source control systems, administrators must prioritize the update to version 1.25.5. Organizations using Gitea should treat this as a high-priority maintenance task to prevent potential account takeovers and the resulting compromise of intellectual property.