CVE-2026-0798

Name: Websites susceptible to CVE-2026-0798
Creator: WebTechSurvey

CVE-2026-0798

Gitea Release Email Notifications Leak Private Repository Release Details After Access Revocation

Gitea may send release notification emails for private repositories to users whose access has been revoked. When a repository is changed from public to private, users who previously watched the repository may continue to receive release notifications, potentially disclosing release titles, tags, and content.

We have discovered 1,149 live websites that are affected by CVE-2026-0798.

Run a Free Instant Scan

Affected Software


Product	Gitea
Category	Dev Tools
Vulnerable Domains	1,149 live websites (98% of Gitea install base)
Vulnerable Versions	from 0 through 1.25.3
Vulnerable Versions Count	42 versions ( 95% of all versions)

Common Weakness Enumeration

CWE-284 Improper Access Control

Available Reports

Website List

Details

Published - Jan 22, 2026
Updated - Jan 23, 2026

Credits

spingARbor (reporter)

CVE References

CWE References

cwe.mitre.org

CWE

CWE-284

Website Distribution by Country

Number of websites using CVE-2026-0798

United States	248 websites

Germany	337 websites
France	160 websites
Russia	68 websites
Singapore	50 websites
China	44 websites
Netherlands	26 websites
GB	21 websites
Canada	18 websites

Website Distribution by TLD

Number of websites using CVE-2026-0798

.com	258 websites
.de	141 websites
.net	124 websites
.org	95 websites
.fr	51 websites
.ru	46 websites
.io	21 websites
.eu	21 websites
.nl	14 websites
.info	14 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

Websites affected by CVE-2026-0798

Top websites that are affected by CVE-2026-0798. Please click on the "Contact us" link to get more information.

Domain	Country	Rank
********.org	France	*,*
*.******.com	United States	*,*
***.********.eu	GB	*,*
*.****.com	Switzerland	*,*
*.*****.net	United States	*,*
******.fr	France	*,*
**.******.ch	Switzerland	,,*
***.*****.org	Germany	,,*
*.*****.fi	Finland	,,*
*.*****.ca	Canada	,,*

See full domain list

FAQ

CVE-2026-0798 is Improper Access Control in Gitea

A total of 1,149 websites have been identified as vulnerable to CVE-2026-0798, based on global website indexing conducted by WebTechSurvey.

The Gitea is affected by the CVE-2026-0798 vulnerability.

Gitea versions up to and including 1.25.3 are vulnerable to CVE-2026-0798.

Domain	Country	Rank
********.org	France	*,*
*.******.com	United States	*,*
***.********.eu	GB	*,*
*.****.com	Switzerland	*,*
*.*****.net	United States	*,*
******.fr	France	*,*
**.******.ch	Switzerland	,,*
***.*****.org	Germany	,,*
*.*****.fi	Finland	,,*
*.*****.ca	Canada	,,*

CVE-2026-0798

Affected Software

Common Weakness Enumeration

Available Reports

Details

Credits

CVE References

CWE References

CWE

Website Distribution by Country

Website Distribution by TLD

Vulnerable Versions

Websites affected by CVE-2026-0798

What type of vulnerability is CVE-2026-0798?

How many websites are affected by the CVE-2026-0798 vulnerability?

Which technology is affected by CVE-2026-0798?

Which versions of Gitea are vulnerable to CVE-2026-0798?

References