CVE-2025-8110
Published Dec 10, 2025
Last updated 2 months ago
- Description
- Improper Symbolic link handling in the PutContents API in Gogs allows Local Execution of Code.
- Source
- 9947ef80-c5d5-474a-bbab-97341a59000e
- NVD status
- Analyzed
- Products
- gogs
CVSS 4.0
- Type
- Secondary
- Base score
- 8.7
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:C/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Gogs Path Traversal Vulnerability
- Exploit added on
- Jan 12, 2026
- Exploit action due
- Feb 2, 2026
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- 9947ef80-c5d5-474a-bbab-97341a59000e
- CWE-22
- Hype score
- Not currently trending
🛡️ Security Alert: Path Traversal Vulnerability in Gogs (CVE-2025-8110) Gogs has a path traversal vulnerability (CWE-22) in the improper handling of symbolic links in the PutContents API, allowing remote code execution (RCE). CVSS severity 8
@CiberPlanetaOrg
16 Mar 2026
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
DR: A Gogs self-hosted Git service zero-day CVE-2025-8110 bypassing the previously patched CVE-2024-55947 is being widely exploited with no patch yet available, threatening thousands of cloud and on-premises environments. https://t.co/teuZYNte2t
@anish76055
22 Feb 2026
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#VulnerabilityReport #CISA CISA “Must-Patch” Alert: Critical Gogs Exploit CVE-2025-8110 Active in Wild https://t.co/KxwYfdMvQg
@Komodosec
17 Feb 2026
63 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical vulnerability CVE-2025-8110 enables RCE on self-hosted Git servers via path traversal, compromising over 700 instances. Authenticated attackers can exploit this flaw. Read more: https://t.co/9MUayxaBAx
@probablypwned
3 Feb 2026
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 CVE-2025-8110 - high 🚨 Gogs <= 0.13.3 - Remote Code Execution > Gogs self-hosted Git service versions 0.13.3 and earlier contain a critical symlink b... 👾 https://t.co/FV1QT1JaN7 @pdnuclei #NucleiTemplates #cve
@pdnuclei_bot
22 Jan 2026
122 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
Gogs actively exploited flaw (CVE-2025-8110) — Wiz research — https://t.co/89WsPpHncw
@InfosecDotWatch
21 Jan 2026
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Gogs [—] Jan 21, 2026 Product Security Advisory for the actively exploited vulnerability CVE-2025-8110 affecting all Gogs versions up to 0.13.3. Details active exploitation, risk assessment, and mitigation recommendations. Check out our Threat Intelligence Platform:... http
@transilienceai
21 Jan 2026
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-8110 : CRITICAL VULNERABILITY ALERT 🚨 Gogs A Symlink Path Traversal Remote Code Execution vulnerability has been disclosed in Gogs, a widely-deployed self-hosted Git service used by development teams and organizations. The Risk Severity: 8.8/10 Impact: Arbitrary
@OstorlabSec
19 Jan 2026
62 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
[CISA KEV] CISA KEV: CVE-2025-8110 - Gogs Gogs Key Details: Gogs contains a path traversal vulnerability affecting improper Symbolic link handling in the PutContents API that could allow for code execution. Recommended Action: Validate impact for your environment and implement
@ox0ffff
18 Jan 2026
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Gogs under attack: your code at risk. CVE-2025-8110 in CISA KEV: → Path traversal in the API → Access to ANY file → Theft of code and credentials. Update Gogs or migrate to Gitea/GitLab NOW. #Gogs #Git #CISA #CyberSecurity #Developers
@secnetnew
18 Jan 2026
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA warns of critical flaw in Gogs: CISA warned of active exploitation of the CVE-2025-8110 flaw in Gogs, which allows remote code execution via path traversal in the file editor. There is no patch yet; restricting access and disabling open registration is recommended. https
@caveiratech
14 Jan 2026
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Serious vulnerability in Gogs, exploitation detected in zero-day attacks (CVE-2025-8110) https://t.co/sjqMMxeo8w #セキュリティ対策Lab #セキュリティ #Security #サイバー攻撃
@securityLab_jp
14 Jan 2026
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CISA Flags Actively Exploited Gogs Flaw (CVE-2025-8110) After Mass Internet Compromises CISA added CVE-2025-8110 (Gogs path traversal via Git symlink abuse) to the KEV catalog after ongoing attacks, warning it can enable file overwrite outside repos leading to remote code
@ThreatSynop
14 Jan 2026
56 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
🚨 URGENT: CISA adds a critical, actively exploited RCE vulnerability in Gogs Git service (CVE-2025-8110) to its KEV catalog. The flaw allows full server takeover. Federal agencies must patch by Feb 2. All orgs urged to act now! ⚠️ #CVE #Gogs #RCE 🔗 https://t.co/F0NRkWj
@NetSecIO
13 Jan 2026
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA warns of active exploitation of a critical Gogs vulnerability (CVE-2025-8110) that allows remote code execution! Patch fast & lock down exposed servers! https://t.co/RbqbIKeylr
@sctocs25
13 Jan 2026
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 We are warning about an actively exploited vulnerability in Gogs, CVE-2025-8110. This vulnerability allows authenticated users to achieve remote code execution (RCE) by abusing symbolic links, thereby bypassing a previously deployed fix against path trav
@GOVCERT_CZ
13 Jan 2026
650 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Active exploit warning CISA confirms CVE-2025-8110 in Gogs is being exploited in the wild. This path traversal flaw can lead to arbitrary code execution, putting source code & CI/CD pipelines at risk. Patch immediately #CyberSecurity #InfoSec #CVE #DevSecOps #ThreatAle
@cyber_infoe
13 Jan 2026
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-8110 ⚠️ Gogs – Actively Exploited RCE via Symlink Bypass (CISA KEV) CISA added CVE-2025-8110 to its KEV catalog following active exploitation of public-facing Gogs instances. The flaw bypasses a prior RCE fix due to improper symbolic link handling in th
@modat_magnify
13 Jan 2026
61 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA adds critical Gogs path traversal bug CVE-2025-8110 to KEV catalog, confirming active exploitation against self-hosted Git servers. Admins should patch or mitigate immediately. #Vulnerability https://t.co/M9jxkcL5dK
@threatcluster
13 Jan 2026
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CISA warns of active exploitation of a high-severity Gogs vulnerability (CVE-2025-8110). The flaw allows remote code execution via path traversal and is already being exploited in the wild. #CyberSecurity #CybersecurityNews Full Story 👉 https://t.co/yxfph3ssKg https://t.
@CSec88
13 Jan 2026
84 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CISA Red Alert: Active exploitation in Gogs allows code execution (CVE-2025-8110) 🚨💻 Today, January 13, 2026, the Cybersecurity and Infrastructure Security Agency (CISA) issued a critical warning by adding a Gogs vulnerability to its
@MineryReport
13 Jan 2026
64 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CISA Alert: CVE-2025-8110 - API in Gogs allows Local Execution of Code and is under active exploitation. Technical impacts: Execute Unauthorized Code or Commands Modify Files or Directories Read Files or Directories DoS: Crash, Exit, or Restart Business Impacts: CIA all htt
@hackerstorm
13 Jan 2026
80 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
🚨 CISA Flags Actively Exploited Gogs Path Traversal Bug (CVE-2025-8110) in KEV CISA added CVE-2025-8110 to its Known Exploited Vulnerabilities catalog after active exploitation; the flaw stems from improper symbolic-link handling in Gogs’ PutContents API, enabling path trave
@ThreatSynop
13 Jan 2026
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Gogs RCE (CVE-2025-8110) is being exploited as a zero-day. HPE OneView RCE (CVE-2025-37164) is also being actively exploited. Patch/upgrade immediately: https://t.co/ZQwdkNBJP2 https://t.co/28VEFrouSb #hansesecure #infosec #cybernews https://t.co/Rtih3UG6N3 https://t.co/bguhaecCJx
@HanseSecure
13 Jan 2026
131 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CISA Flags Actively Exploited Gogs Path Traversal Bug (CVE-2025-8110) in KEV CISA added CVE-2025-8110 (Gogs PutContents API symlink path traversal) to the KEV catalog due to active exploitation, warning attackers can write outside repositories and potentially achieve code
@ThreatSynop
13 Jan 2026
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CISA Warns of Active Exploitation of Gogs Flaw Enabling Code Execution (CVE-2025-8110) CISA added CVE-2025-8110 (CVSS 8.7) in Gogs to the KEV catalog after active exploitation where attackers can abuse symlink path traversal in the PutContents API to overwrite sensitive file
@ThreatSynop
13 Jan 2026
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA flags active Gogs exploitation (CVE-2025-8110) leading to code execution! 🚨 Update now. #Gogs #CVE20258110 #CISA #Vulnerability https://t.co/FTCVC2vnow
@0xT3chn0m4nc3r
13 Jan 2026
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical Gogs Vulnerability #CVE-2025-8110, Actively Exploited, CISA Warns https://t.co/R8Sf8UtSNi
@UndercodeNews
13 Jan 2026
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📌 The US Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a high-severity security vulnerability in Gogs, which is listed in the Known Exploited Vulnerabilities catalog.
@Cybercachear
13 Jan 2026
75 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 What seemed secure just got exposed. CISA has added CVE-2025-8110 to its Known Exploited Vulnerabilities list, spotlighting a high-severity flaw in Gogs, a self-hosted Git service. This isn't just another tech blip; it's a clear path to remote code execution (RCE) that's htt
@photogrim_
13 Jan 2026
72 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨CISA has confirmed active exploitation of a critical Gogs vulnerability and added it to the Known Exploited Vulnerabilities list. CVE-2025-8110 (CVSS 8.7) exploits improper symlink handling, allowing attackers to write outside repositories and achieve remote code execution.
@NeoAIForecast
13 Jan 2026
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
US cyber agency adds Gogs flaw CVE-2025-8110 to its actively exploited list, citing 6+ months of attacks on the popular self-hosted Git service. Admins urged to patch promptly. #Vulnerability https://t.co/kalwP4AMpW
@threatcluster
13 Jan 2026
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CISA confirms active exploitation of a Gogs flaw now added to the KEV list. CVE-2025-8110 (CVSS 8.7) abuses symlink handling to write outside repositories, enabling code execution. Around 700 exposed instances are already compromised. 🔗 Read → https://t.co/fl7XGuZRgR
@TheHackersNews
13 Jan 2026
7522 Impressions
25 Retweets
46 Likes
4 Bookmarks
3 Replies
1 Quote
🔍 Alert! Vulnerability in popular self-hosted Git service Gogs targeted by hack
@PurpleOps_io
13 Jan 2026
86 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA mandates federal agencies to patch a critical Gogs RCE flaw (CVE-2025-8110) exploited in zero-day attacks. Over 1,400 servers exposed, risking sensitive data via symbolic link abuse. #GogsFlaw #ZeroDay #USA https://t.co/BflCcFZS5i
@TweetThreatNews
13 Jan 2026
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CISA Flags Actively Exploited Gogs RCE Bypass (CVE-2025-8110) in KEV Catalog CISA added CVE-2025-8110 (a symlink bypass of a previously patched Gogs RCE) to the KEV catalog after evidence of active exploitation, where authenticated attackers can overwrite files outside a rep
@ThreatSynop
12 Jan 2026
63 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Gogs RCE Actively Exploited: CISA Adds CVE-2025-8110 to KEV Catalog 🔗 https://t.co/iCOSRlRm07 #cybersecurity #infosec #hacking https://t.co/cSYdxFRCXq
@zerodaywire
12 Jan 2026
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CISA Orders Urgent Patching for Actively Exploited Gogs RCE (CVE-2025-8110) CISA added CVE-2025-8110 (Gogs PutContents API path traversal + symlink bypass of CVE-2024-55947) to KEV after zero-day exploitation, as attackers can overwrite files outside repos and abuse Git conf
@ThreatSynop
12 Jan 2026
71 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
❗️CISA has added 1 vulnerability to the KEV Catalog: CVE-2025-8110: Gogs Path Traversal Vulnerability https://t.co/9idGUAIgzL
@DarkWebInformer
12 Jan 2026
66 Impressions
0 Retweets
2 Likes
2 Bookmarks
0 Replies
0 Quotes
Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2025-8110 #Gogs Path Traversal Vulnerability https://t.co/cDxnrTLzux
@ScyScan
12 Jan 2026
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ We added Gogs path traversal vulnerability CVE-2025-8110 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwap1Tf & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec https://t.co/gJKLCzEObi
@CISACyber
12 Jan 2026
3316 Impressions
11 Retweets
26 Likes
3 Bookmarks
1 Reply
0 Quotes
🚨 Unpatched Gogs Zero-Day (CVE-2025-8110) Actively Exploited: 700+ Internet-Facing Servers Compromised Attackers are exploiting an unpatched Gogs zero-day (CVE-2025-8110) to gain remote code execution by abusing a PutContents path-traversal weakness combined with symlink
@ThreatSynop
23 Dec 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Brief Summary: 🚨 A high-severity unpatched zero-day in Gogs (a self-hosted Git service) is under active exploitation, with researchers identifying 700+ compromised internet-exposed instances. The flaw (CVE-2025-8110, CVSS 8.7) stems fro
@ThreatSynop
21 Dec 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 Urgent warning! A severe vulnerability (CVE-2025-8110) has been found in Gogs. Hackers are attacking heavily, with a risk of servers being taken over
@ThaiCERTByNCSA
16 Dec 2025
56 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
#threatreport #LowCompleteness Gogs 0-Day Exploited in the Wild | 10-12-2025 Source: https://t.co/QiiiG0qRgL Key details below ↓ 💀Threats: Garble_tool, Supershell, 🎯Victims: Technology 🔓CVEs: CVE-2025-8110 [Vulners: https://t.co/89zfcQjoFP] - CVSS V3.1: 8.7,
@rst_cloud
15 Dec 2025
95 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 New high severity zero day affecting Gogs (CVE-2025-8110) actively being exploited in the wild! I’ve created a detection script to detect vulnerable instances at scale: https://t.co/JuEN7UWmZC https://t.co/MnteFZvP7K
@Hammad__Munir
13 Dec 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 A high-severity unpatched security vulnerability in Gogs is actively exploited with 700+ compromised instances on the web! CVE-2025-8110 (CVSS 8.7) #CyberSecurity #Gogs #ZeroDay Source: https://t.co/yX4vfKAtp0
@JamaalChalid
12 Dec 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Gogs Zero-Day RCE (CVE-2025-8110) Actively Exploited | Wiz Blog - https://t.co/aPYjIekAyD
@piedpiper1616
12 Dec 2025
1833 Impressions
4 Retweets
9 Likes
6 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-8110 (Zero-Day) Detection Template: Improper Symbolic link handling in the PutContents API in Gogs allows Local Execution of Code GitHub: https://t.co/73o7cfwEjy Writeup: https://t.co/4nDU2Feb6r https://t.co/gI7wIuZ6g3
@DarkWebInformer
11 Dec 2025
7358 Impressions
17 Retweets
78 Likes
41 Bookmarks
3 Replies
0 Quotes
🚨 Zero-Day Alert: Gogs RCE (CVE-2025-8110) is now actively exploited! Patch immediately if you're using Gogs. Details: https://t.co/UNLob2f62v #Cybersecurity #RCE #ZeroDay #CVE20258110 #Gogs
@dxiadong527
11 Dec 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "CC3C1E01-690F-4BEB-8969-16883D7F12A5",
            "versionEndIncluding": "0.13.3",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]