CyberRota
← Ana sayfaya dön

CVE-2026-52815

UNKNOWN · CVSS N/A EPSS %1.55 Public Exploit

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-24T21:16:57.627 · Çekilme zamanı: 2026-06-30T18:32:55.496516+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

Public Exploit Sinyali

Bu CVE için açıklama veya referanslarda public exploit / PoC / GitHub / Metasploit sinyali tespit edildi.

GitHub PoC Linkleri
github.com

Not: Bu bağlantılar yalnızca güvenlik araştırması ve doğrulama amacıyla listelenmiştir.

CVE
CVE-2026-52815
Severity
UNKNOWN
CVSS
N/A
EPSS
%1.55

Orijinal NVD Açıklaması

Gogs is an open source self-hosted Git service. Prior to 0.14.3, Gogs has an unauthenticated information disclosure vulnerability. The GET /api/v1/orgs/:orgname/teams endpoint at internal/route/api/v1/org_team.go:8 returns all teams for any organization without requiring authentication. The route group at internal/route/api/v1/api.go:380-385 lacks the reqToken() middleware, and the listTeams() handler performs no authentication check, exposing team IDs, names, descriptions, and permission levels to any unauthenticated caller. This vulnerability is fixed in 0.14.3.