Gogs
New Gogs zero-day flaw lets hackers get remote code execution
An unpatched zero-day vulnerability in the Gogs self-hosted Git service can allow attackers to gain remote code execution (RCE) on Internet-facing instances. Designed as an alternative to GitHub Enterprise or GitLab and written in Go, Gogs is often exposed online for remote collaboration. This critical severity argument injection security flaw has yet to be assigned a CVE […]
CISA orders feds to patch Gogs RCE flaw exploited in zero-day attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered government agencies to secure their systems against a high-severity Gogs vulnerability that was exploited in zero-day attacks. Designed as an alternative to GitLab or GitHub Enterprise and written in Go, Gogs is often exposed online for remote collaboration. Tracked as CVE-2025-8110, this remote code execution (RCE) […]
Hackers exploit unpatched Gogs zero-day to breach 700 servers
An unpatched zero-day vulnerability in Gogs, a popular self-hosted Git service, has enabled attackers to gain remote code execution on Internet-facing instances and compromise hundreds of servers. Written in Go and designed as an alternative to GitLab or GitHub Enterprise, Gogs is also often exposed online for remote collaboration. CVE-2025-8110, the Gogs RCE vulnerability exploited in these attacks, stems […]