CVE-2025-8110
Published Dec 10, 2025
Last updated 10 days ago
AI description
CVE-2025-8110 is a vulnerability affecting Gogs, a self-hosted Git service. It involves improper handling of symbolic links in the PutContents API, which allows for local code execution. This flaw is a bypass of a previously patched remote code execution vulnerability, CVE-2024-55947. The vulnerability can be exploited by creating a symbolic link within a Git repository that points to a sensitive target outside the repository. By using the PutContents API to write data to the symlink, an attacker can overwrite files outside the repository. This can be leveraged to overwrite the ".git/config" file and execute arbitrary commands.
- Description: Improper Symbolic link handling in the PutContents API in Gogs allows Local Execution of Code.
- Source: 9947ef80-c5d5-474a-bbab-97341a59000e
- NVD status: Analyzed
- Products: gogs
CVSS 4.0
- Type: Secondary
- Base score: 8.7
- Impact score: -
- Exploitability score: -
- Vector string: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:C/RE:X/U:X
- Severity: HIGH
CVSS 3.1
- Type: Primary
- Base score: 8.8
- Impact score: 5.9
- Exploitability score: 2.8
- Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity: HIGH
Data from CISA
- Vulnerability name: Gogs Path Traversal Vulnerability
- Exploit added on: Jan 12, 2026
- Exploit action due: Feb 2, 2026
- Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- 9947ef80-c5d5-474a-bbab-97341a59000e
- CWE-22
- Hype score: Not currently trending
🚨 CVE-2025-8110 - high 🚨 Gogs <= 0.13.3 - Remote Code Execution > Gogs self-hosted Git service versions 0.13.3 and earlier contain a critical symlink b... 👾 https://t.co/FV1QT1JaN7 @pdnuclei #NucleiTemplates #cve
@pdnuclei_bot
22 Jan 2026
Gogs actively exploited flaw (CVE-2025-8110) — Wiz research — https://t.co/89WsPpHncw
@InfosecDotWatch
21 Jan 2026
🚨 Gogs [—] Jan 21, 2026 Product Security Advisory for the actively exploited vulnerability CVE-2025-8110 affecting all Gogs versions up to 0.13.3. Details active exploitation, risk assessment, and mitigation recommendations. Checkout our Threat Intelligence Platform:... http
@transilienceai
21 Jan 2026
🚨 CVE-2025-8110 : CRITICAL VULNERABILITY ALERT 🚨 Gogs A Symlink Path Traversal Remote Code Execution vulnerability has been disclosed in Gogs, a widely-deployed self-hosted Git service used by development teams and organizations. The Risk Severity: 8.8/10 Impact: Arbitrary
@OstorlabSec
19 Jan 2026
[CISA KEV] CISA KEV: CVE-2025-8110 - Gogs Gogs Key Details: Gogs contains a path traversal vulnerability affecting improper Symbolic link handling in the PutContents API that could allow for code execution. Recommended Action: Validate impact for your environment and implement
@ox0ffff
18 Jan 2026
🚨 Gogs under attack: your code at risk. CVE-2025-8110 in CISA KEV: → Path Traversal in API → Access to ANY file → Theft of code and credentials. Update Gogs or migrate to Gitea/GitLab NOW. #Gogs #Git #CISA #CyberSecurity #Developers
@secnetnew
18 Jan 2026
CISA warns of critical flaw in Gogs: CISA warned of active exploitation of the CVE-2025-8110 flaw in Gogs, which allows remote code execution via path traversal in the file editor. There is no patch yet; restricting access and disabling open registration is recommended. https
@caveiratech
14 Jan 2026
Serious vulnerability in Gogs, exploitation detected in zero-day attacks (CVE-2025-8110) https://t.co/sjqMMxeo8w #セキュリティ対策Lab #セキュリティ #Security #サイバー攻撃
@securityLab_jp
14 Jan 2026
🚨 CISA Flags Actively Exploited Gogs Flaw (CVE-2025-8110) After Mass Internet Compromises CISA added CVE-2025-8110 (Gogs path traversal via Git symlink abuse) to the KEV catalog after ongoing attacks, warning it can enable file overwrite outside repos leading to remote code
@ThreatSynop
14 Jan 2026
🚨 URGENT: CISA adds a critical, actively exploited RCE vulnerability in Gogs Git service (CVE-2025-8110) to its KEV catalog. The flaw allows full server takeover. Federal agencies must patch by Feb 2. All orgs urged to act now! ⚠️ #CVE #Gogs #RCE 🔗 https://t.co/F0NRkWj
@NetSecIO
13 Jan 2026
CISA warns of active exploitation of a critical Gogs vulnerability (CVE-2025-8110) that allows remote code execution! Patch fast & lock down exposed servers! https://t.co/RbqbIKeylr
@sctocs25
13 Jan 2026
🚨 We are warning of an actively exploited vulnerability in Gogs, CVE-2025-8110. This vulnerability allows authenticated users to achieve remote code execution (RCE) by abusing symbolic links, thereby bypassing a previously deployed fix against path trav
@GOVCERT_CZ
13 Jan 2026
🚨 Active exploit warning CISA confirms CVE-2025-8110 in Gogs is being exploited in the wild. This path traversal flaw can lead to arbitrary code execution, putting source code & CI/CD pipelines at risk. Patch immediate #CyberSecurity #InfoSec #CVE #DevSecOps #ThreatAle
@cyber_infoe
13 Jan 2026
CVE-2025-8110 ⚠️ Gogs – Actively Exploited RCE via Symlink Bypass (CISA KEV) CISA added CVE-2025-8110 to its KEV catalog following active exploitation of public-facing Gogs instances. The flaw bypasses a prior RCE fix due to improper symbolic link handling in th
@modat_magnify
13 Jan 2026
CISA adds critical Gogs path traversal bug CVE-2025-8110 to KEV catalog, confirming active exploitation against self-hosted Git servers. Admins should patch or mitigate immediately. #Vulnerability https://t.co/M9jxkcL5dK
@threatcluster
13 Jan 2026
🚨 CISA warns of active exploitation of a high-severity Gogs vulnerability (CVE-2025-8110). The flaw allows remote code execution via path traversal and is already being exploited in the wild. #CyberSecurity #CybersecurityNews Full Story 👉 https://t.co/yxfph3ssKg https://t.
@CSec88
13 Jan 2026
CISA Red Alert: Active exploitation in Gogs allows code execution (CVE-2025-8110) 🚨💻 Today, January 13, 2026, the Cybersecurity and Infrastructure Security Agency (CISA) issued a critical warning by adding a Gogs vulnerability to its
@MineryReport
13 Jan 2026
CISA Alert: CVE-2025-8110 - API in Gogs allows Local Execution of Code and is under active exploitation. Technical impacts: Execute Unauthorized Code or Commands Modify Files or Directories Read Files or Directories DoS: Crash, Exit, or Restart Business Impacts: CIA all htt
@hackerstorm
13 Jan 2026
🚨 CISA Flags Actively Exploited Gogs Path Traversal Bug (CVE-2025-8110) in KEV CISA added CVE-2025-8110 to its Known Exploited Vulnerabilities catalog after active exploitation; the flaw stems from improper symbolic-link handling in Gogs’ PutContents API, enabling path trave
@ThreatSynop
13 Jan 2026
Gogs RCE (CVE-2025-8110) is being exploited as a zero-day. HPE OneView RCE (CVE-2025-37164) is also being actively exploited. Patch/upgrade immediately: https://t.co/ZQwdkNBJP2 https://t.co/28VEFrouSb #hansesecure #infosec #cybernews https://t.co/Rtih3UG6N3 https://t.co/bguhaecCJx
@HanseSecure
13 Jan 2026
🚨 CISA Flags Actively Exploited Gogs Path Traversal Bug (CVE-2025-8110) in KEV CISA added CVE-2025-8110 (Gogs PutContents API symlink path traversal) to the KEV catalog due to active exploitation, warning attackers can write outside repositories and potentially achieve code
@ThreatSynop
13 Jan 2026
🚨 CISA Warns of Active Exploitation of Gogs Flaw Enabling Code Execution (CVE-2025-8110) CISA added CVE-2025-8110 (CVSS 8.7) in Gogs to the KEV catalog after active exploitation where attackers can abuse symlink path traversal in the PutContents API to overwrite sensitive file
@ThreatSynop
13 Jan 2026
CISA flags active Gogs exploitation (CVE-2025-8110) leading to code execution! 🚨 Update now. #Gogs #CVE20258110 #CISA #Vulnerability https://t.co/FTCVC2vnow
@0xT3chn0m4nc3r
13 Jan 2026
🚨 Critical Gogs Vulnerability #CVE-2025-8110, Actively Exploited, CISA Warns https://t.co/R8Sf8UtSNi
@UndercodeNews
13 Jan 2026
📌 The US Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a high-severity security vulnerability in Gogs, which is listed in the Known Exploited Vulnerabilities list.
@Cybercachear
13 Jan 2026
🔴 What seemed secure just got exposed. CISA has added CVE-2025-8110 to its Known Exploited Vulnerabilities list, spotlighting a high-severity flaw in Gogs, a self-hosted Git service. This isn't just another tech blip; it's a clear path to remote code execution (RCE) that's htt
@photogrim_
13 Jan 2026
🚨CISA has confirmed active exploitation of a critical Gogs vulnerability and added it to the Known Exploited Vulnerabilities list. CVE-2025-8110 (CVSS 8.7) exploits improper symlink handling, allowing attackers to write outside repositories and achieve remote code execution.
@NeoAIForecast
13 Jan 2026
US cyber agency adds Gogs flaw CVE-2025-8110 to its actively exploited list, citing 6+ months of attacks on the popular self-hosted Git service. Admins urged to patch promptly. #Vulnerability https://t.co/kalwP4AMpW
@threatcluster
13 Jan 2026
🚨 CISA confirms active exploitation of a Gogs flaw now added to the KEV list. CVE-2025-8110 (CVSS 8.7) abuses symlink handling to write outside repositories, enabling code execution. Around 700 exposed instances are already compromised. 🔗 Read → https://t.co/fl7XGuZRgR
@TheHackersNews
13 Jan 2026
🔍 Alert! Vulnerability in popular self-hosted Git service Gogs targeted by hack
@PurpleOps_io
13 Jan 2026
CISA mandates federal agencies to patch a critical Gogs RCE flaw (CVE-2025-8110) exploited in zero-day attacks. Over 1,400 servers exposed, risking sensitive data via symbolic link abuse. #GogsFlaw #ZeroDay #USA https://t.co/BflCcFZS5i
@TweetThreatNews
13 Jan 2026
🚨 CISA Flags Actively Exploited Gogs RCE Bypass (CVE-2025-8110) in KEV Catalog CISA added CVE-2025-8110 (a symlink bypass of a previously patched Gogs RCE) to the KEV catalog after evidence of active exploitation, where authenticated attackers can overwrite files outside a rep
@ThreatSynop
12 Jan 2026
🚨Gogs RCE Actively Exploited: CISA Adds CVE-2025-8110 to KEV Catalog 🔗 https://t.co/iCOSRlRm07 #cybersecurity #infosec #hacking https://t.co/cSYdxFRCXq
@zerodaywire
12 Jan 2026
🚨 CISA Orders Urgent Patching for Actively Exploited Gogs RCE (CVE-2025-8110) CISA added CVE-2025-8110 (Gogs PutContents API path traversal + symlink bypass of CVE-2024-55947) to KEV after zero-day exploitation, as attackers can overwrite files outside repos and abuse Git conf
@ThreatSynop
12 Jan 2026
❗️CISA has added 1 vulnerability to the KEV Catalog: CVE-2025-8110: Gogs Path Traversal Vulnerability https://t.co/9idGUAIgzL
@DarkWebInformer
12 Jan 2026
Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2025-8110 #Gogs Path Traversal Vulnerability https://t.co/cDxnrTLzux
@ScyScan
12 Jan 2026
🛡️ We added Gogs path traversal vulnerability CVE-2025-8110 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwap1Tf & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec https://t.co/gJKLCzEObi
@CISACyber
12 Jan 2026
🚨 Unpatched Gogs Zero-Day (CVE-2025-8110) Actively Exploited: 700+ Internet-Facing Servers Compromised Attackers are exploiting an unpatched Gogs zero-day (CVE-2025-8110) to gain remote code execution by abusing a PutContents path-traversal weakness combined with symlink
@ThreatSynop
23 Dec 2025
🚨 Brief Summary: 🚨 A high-severity unpatched zero-day in Gogs (a self-hosted Git service) is under active exploitation, with researchers identifying 700+ compromised internet-exposed instances. The flaw (CVE-2025-8110, CVSS 8.7) stems fro
@ThreatSynop
21 Dec 2025
🔴 Urgent warning! A critical vulnerability (CVE-2025-8110) has been found in Gogs. Hackers are attacking heavily, with a risk of servers being taken over
@ThaiCERTByNCSA
16 Dec 2025
#threatreport #LowCompleteness Gogs 0-Day Exploited in the Wild | 10-12-2025 Source: https://t.co/QiiiG0qRgL Key details below ↓ 💀Threats: Garble_tool, Supershell, 🎯Victims: Technology 🔓CVEs: CVE-2025-8110 [[Vulners](https://t.co/89zfcQjoFP)] - CVSS V3.1: *8.7*,
@rst_cloud
15 Dec 2025
🚨 New high severity zero day affecting Gogs (CVE-2025-8110) actively being exploited in the wild! I’ve created a detection script to detect vulnerable instances at scale: https://t.co/JuEN7UWmZC https://t.co/MnteFZvP7K
@Hammad__Munir
13 Dec 2025
🚨 A high-severity unpatched security vulnerability in Gogs is actively exploited with 700+ compromised instances on the web! CVE-2025-8110 (CVSS 8.7) #CyberSecurity #Gogs #ZeroDay Source: https://t.co/yX4vfKAtp0
@JamaalChalid
12 Dec 2025
Gogs Zero-Day RCE (CVE-2025-8110) Actively Exploited | Wiz Blog - https://t.co/aPYjIekAyD
@piedpiper1616
12 Dec 2025
🚨 CVE-2025-8110 (Zero-Day) Detection Template: Improper Symbolic link handling in the PutContents API in Gogs allows Local Execution of Code GitHub: https://t.co/73o7cfwEjy Writeup: https://t.co/4nDU2Feb6r https://t.co/gI7wIuZ6g3
@DarkWebInformer
11 Dec 2025
🚨 Zero-Day Alert: Gogs RCE (CVE-2025-8110) is now actively exploited! Patch immediately if you're using Gogs. Details: https://t.co/UNLob2f62v #Cybersecurity #RCE #ZeroDay #CVE20258110 #Gogs
@dxiadong527
11 Dec 2025
Critical vulnerability in Gogs allows active exploitation: Flaw CVE-2025-8110 in the self-hosted Git service enables remote code execution via symbolic link manipulation, with more than 700 instances compromised and no patch available. Users should restr
@caveiratech
11 Dec 2025
Gogs 0-Day Exploited in the Wild (CVE-2025-8110) https://t.co/1YhYu4n2ca #appsec
@eyalestrin
11 Dec 2025
Gogs zero-day CVE-2025-8110 is under active exploitation, enabling authenticated RCE across 700+ instances with no patch available. Over 50% of public-facing Gogs installs are affected. #ZeroDay https://t.co/7wQsRSCFrO
@threatcluster
11 Dec 2025
🚨 CVE-2025-8110: Gogs 0-Day Drops Supershell on 700+ Git Servers Critical RCE in Gogs self-hosted Git platform (affects all versions before 0.14.0) is being actively exploited. What's clever: attackers exploit argument injection in repository migration API to execute
@the_c_protocol
11 Dec 2025
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC3C1E01-690F-4BEB-8969-16883D7F12A5",
            "versionEndIncluding": "0.13.3"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]