VDB
CVE-2025-69413
CVE-2025-69413
PUBLISHED
In Gitea before 1.25.2, /api/v1/user has different responses for failed authentication depending on whether a username exists.
EPSS 0.02% · 5.4th percentile
Risk Scores
EPSS Score
0.02%
5.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | gitea | 0 |
| Bitnami | gitea | 0, 0 |
Timeline
- Jan 1, 2026 CVE Published
- Jan 1, 2026 EPSS Score
- Jan 1, 2026 PoC Published
- Jan 2, 2026 CVE Updated
- Jan 4, 2026 EPSS Score
- Jan 8, 2026 EPSS Score
- Jan 11, 2026 EPSS Score
- Jan 15, 2026 EPSS Score
- Jan 18, 2026 EPSS Score
- Jan 21, 2026 EPSS Score
- Jan 24, 2026 PoC Published
- Jan 25, 2026 EPSS Score