VYPR
Moderate severityNVD Advisory· Published Feb 6, 2026· Updated Feb 6, 2026

Gogs has arbitrary file read/write via path traversal in Git hook editing

CVE-2026-23633

Description

Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, there is an arbitrary file read/write via path traversal in Git hook editing. This issue has been patched in versions 0.13.4 and 0.14.0+dev.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
gogs.io/gogsGo
< 0.13.40.13.4

Affected products

3

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.