PT-2026-51624 · Go · Gogs.Io/Gogs

Published

2026-06-23

·

Updated

2026-06-23

·

CVE-2026-52806

CVSS v3.1

9.9

Critical

VectorAV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
🔵 Gogs: Argument Injection in PR Merge Leading to Remote Code Execution (#CVE-2026-52806) -DC-Jun2026-579
https://t.co/kovWbNTQ0x

Fix

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-77

Related Identifiers

CVE-2026-52806
GHSA-QF6P-P7WW-CWR9

Affected Products

Gogs.Io/Gogs