CVE-2025-64111
Gogs's update .git/config file allows remote command execution
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, due to the insufficient patch for CVE-2024-56731, it's still possible to update files in the .git directory and achieve remote command execution. This issue has been patched in versions 0.13.4 and 0.14.0+dev.
| CWE | CWE-78 |
| Vendor | gogs |
| Product | gogs |
| Published | Feb 6, 2026 |
| Last Updated | Feb 26, 2026 |
Stay Ahead of the Next One
Get instant alerts for gogs gogs
Be the first to know when new unknown vulnerabilities affecting gogs gogs are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
gogs / gogs
< 0.14.0+dev < 0.13.4