CVE-2025-68940

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.22.5

Description A permission enforcement issue exists in Gitea related to branch deletion after a pull request merge. Specifically, the system does not adequately enforce branch deletion permissions in these scenarios.

Recommendations Update to Gitea version 1.22.5 or later.

Fix

Incorrect Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-863

Related Identifiers

BIT-GITEA-2025-68940

CVE-2025-68940

GHSA-RRCW-5RJV-VJ26

GO-2025-4267

SUSE-SU-2026:0037-1

Affected Products

Gitea

Red Os

CVE-2025-68940

Weakness Enumeration

Related Identifiers

Affected Products

References · 91