CVE-2026-24135 - Gogs vulnerable to arbitrary file deletion via path traversal in wiki page update

CVE ID : CVE-2026-24135 Published : Feb. 6, 2026, 6:15 p.m. | 27 minutes ago Description : Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, a path traversal vulnerability exists in the updateWikiPage function of Gogs. The vulnerability allows an authenticated user with write access to a repository's wiki to delete arbitrary files on the server by manipulating the old_title parameter in the wiki editing form. This issue has been patched in versions 0.13.4 and 0.14.0+dev. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...