CVE Catalog
CVE-2026-22547
Low risk· EPSS 6%Exploitation Probability (EPSS)
Low risk0.17%
6th percentile — higher than 6% of all known CVEs
Summary
In Gitea versions before 1.25.5, validation constraints for repository creation fields are missing, including length-limited template fields and trust model or object format values.
Risk Assessment
Lack of validation may allow an attacker to inject malformed data, potentially leading to unexpected behavior or compromise of repository integrity.
Recommendation
It is recommended to immediately upgrade Gitea to version 1.25.5 or later, which includes the necessary validation fixes.
Original NVD description (English source)
Gitea versions before 1.25.5 lack validation constraints for repository creation fields, including length-limited template fields and trust model or object format values.

