CVE-2026-52804
CVE-2026-52804 is a medium-severity vulnerability with a CVSS 4.0 base score of 5.5. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-193.
Key facts
- Severity: Medium (CVSS 4.0 base score 5.5)
- EPSS exploit prediction: 0% (39th percentile)
- Actively exploited: Not listed in CISA KEV
- EU (EUVD) id: EUVD-2026-39072
- Weakness: CWE-193
- Published:
- Last modified:
Description
Gogs is an open source self-hosted Git service. Prior to 0.14.3, a repository admin collaborator can escalate their privileges to owner-level access by exploiting an off-by-one error in the ChangeCollaborationAccessMode function. This vulnerability is fixed in 0.14.3.
Frequently asked questions
- What is CVE-2026-52804?
- Gogs is an open source self-hosted Git service. Prior to 0.14.3, a repository admin collaborator can escalate their privileges to owner-level access by exploiting an off-by-one error in the ChangeCollaborationAccessMode function. This vulnerability is fixed in 0.14.3.
- How severe is CVE-2026-52804?
- CVE-2026-52804 has a CVSS 4.0 base score of 5.5, rated medium severity.
- Is CVE-2026-52804 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (39th percentile), an estimate of the probability of exploitation in the next 30 days.
- How do I fix CVE-2026-52804?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- Does CVE-2026-52804 have an EU (EUVD) identifier?
- Yes. CVE-2026-52804 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2026-39072.
- When was CVE-2026-52804 published?
- CVE-2026-52804 was published on 2026-06-24 and last updated on 2026-06-26.
References
- https://github.com/gogs/gogs/commit/1fdc9cc28e159135cfa4d6b11ecd5daa0f8ce22b
- https://github.com/gogs/gogs/pull/8227
- https://github.com/gogs/gogs/releases/tag/v0.14.3
- https://github.com/gogs/gogs/security/advisories/GHSA-4565-r4x7-hg8j
Other CWE-193 (Off-by-one Error) vulnerabilities
- CVE-2024-10442 — Critical (CVSS 10.0): Off-by-one error vulnerability in the transmission component in Synology Replication Service before 1.0.12-0066,…
- CVE-2026-53309 — Critical (CVSS 9.8): In the Linux kernel, the following vulnerability has been resolved: ocfs2/dlm: fix off-by-one in dlm_match_regions()…
- CVE-2024-38441 — Critical (CVSS 9.8): Netatalk before 3.2.1 has an off-by-one error and resultant heap-based buffer overflow because of setting ibuf[len] to…
- CVE-2023-46853 — Critical (CVSS 9.8): In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is used…
- CVE-2023-38429 — Critical (CVSS 9.8): An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/connection.c in ksmbd has an off-by-one error in…
- CVE-2022-34970 — Critical (CVSS 9.8): Crow before 1.0+4 has a heap-based buffer overflow via the function qs_parse in query_string.h. On successful…