VDB
CVE-2025-68941
CVE-2025-68941
PUBLISHED
Gitea before 1.22.3 mishandles access to a private resource upon receiving an API token with scope limited to public resources.
EPSS 0.01% · 0.9th percentile
Risk Scores
EPSS Score
0.01%
0.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | gitea | 0 |
| Bitnami | gitea | 0, 0 |
Timeline
- Dec 26, 2025 CVE Published
- Dec 26, 2025 EPSS Score
- Dec 26, 2025 PoC Published
- Dec 29, 2025 EPSS Score
- Jan 2, 2026 EPSS Score
- Jan 5, 2026 EPSS Score
- Jan 9, 2026 EPSS Score
- Jan 12, 2026 EPSS Score
- Jan 16, 2026 EPSS Score
- Jan 19, 2026 EPSS Score
- Jan 23, 2026 EPSS Score
- Jan 26, 2026 EPSS Score