CVE-2025-8110: Gogs Path Traversal Vulnerability. Gogs contains a path

Gogs Path Traversal Vulnerability. Gogs contains a path traversal vulnerability affecting improper Symbolic link handling in the PutContents API that could allow for code execution.

• CISA KEV-listed (remediation due 2026-02-02)
• EPSS 17.7% (95.3% percentile)

Related briefings

• Six CVEs Fixed in Gogs 0.14.2: Supply Chain Risk via LFS Object Overwrite, XSS Cluster, and Token Leakage 2026-03-05

Browse the CVE database

Read the full analysis on IntelFusions