VYPR
High severityCISA KEVNVD Advisory· Published Dec 10, 2025· Updated Feb 26, 2026

File overwrite in file update API in Gogs

CVE-2025-8110

Description

Improper Symbolic link handling in the PutContents API in Gogs allows Local Execution of Code.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
gogs.io/gogsGo
<= 0.13.3

Affected products

3

Patches

Vulnerability mechanics

References

12

News mentions

3