Gogs — Cyber Attacks, Breaches & Threat Activity

Threat entity extracted from intelligence sources

Frequency
35
occurrences
First Seen
December 10, 2025
Last Seen
July 1, 2026

Gogs is a organization tracked across 13 threat clusters and 35 intelligence report mentions on ThreatCluster. First observed December 10, 2025; most recent activity July 1, 2026.

Related Threat Clusters

Recent Intelligence Reports

  • Risky Bulletin: Researcher drops giant cache of zero — News.Risky.Biz · July 1, 2026
  • Multiple Critical Vulnerability Disclosures Across Gogs, Jinjava, and Kubernetes Local Path ... — Mallory.Ai · June 25, 2026
  • GHSA C39w 43gm 34h5 — osv.dev · June 24, 2026
  • Gogs has Path Traversal in organization name that results in RCE through Git hooks Home on GitLab Advisory Database (GLAD) / 8h Organization names containing path traversal sequences (../) are accepted by Gogs, and repositories under them are written to paths following these path traversals. This allows storing/retrieving data for repositories at arbitrary locations on the filesystem. By creating nested structure of Git repositories, one can overwrite the other's hooks configuration to result in — advisories.gitlab.com · June 24, 2026
  • CVE-2026-52813 - Exploits & Severity — Feedly · June 24, 2026
  • Waiting for security patch: Self-hosted Git service Gogs is vulnerable — Heise.De · May 29, 2026
  • New Gogs 0 — Gbhackers · May 29, 2026
  • Risky Bulletin: Dutch police take down 17m device botnet — Risky.Biz · May 29, 2026

CVSS v3.1 Breakdown