Cybersecurity researchers have disclosed a security flaw in
Gitea, an open-source, self-hosted platform for version control,
that allows unauthenticated remote attackers to pull private
container images from Gitea deployments without requiring an
account, password, or other credentials. The vulnerability, tracked
as CVE-2026-27771 (CVSS score: N/A), affects all versions of Gitea
prior to 1.26.2
Read more https://thehackernews.com/2026/05/gitea-vulnerability-exposes-private.html
