CVE-2026-20706

CVE-2026-20706CVE-2026-20706

Description

Gitea versions up to and including 1.26.1 allow repository archive downloads to bypass token scope checks on the web archive download endpoint.

Scoring

Last modified2026-07-03
Sourced from NVD. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.