Find real vulnerabilities before they ship
Vulnerability Database › go › CVE-2026-20904
Gitea does not properly validate ownership when toggling OpenID URI visibility. An authenticated user may be able to change the visibility settings of other users' OpenID identities.
Base Score