Bleepingcomputer
CISA Directs Agencies to Address Gogs RCE Vulnerability Exploited in Zero-Day Attacks
First seen 12 Jan 2026, 22:44 UTC
•



•79% similarity
•95.2
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has mandated that government agencies secure their systems against a critical Gogs vulnerability, tracked as CVE-2025-8110. This remote code execution (RCE) flaw, stemming from a path traversal weakness in the PutContents API, has been exploited in zero-day attacks, affecting systems that utilize Gogs for remote collaboration.
ThreatCluster AI