> TritonInfoSec News
Home / May 29, 2026 / Story
0
#1 BleepingComputer general May 28, 2026 at 14:25 UTC

New Gogs zero-day flaw lets hackers get remote code execution

By Sergiu Gatlan

AI Summary

An unpatched zero-day RCE vulnerability in Gogs, a widely deployed self-hosted Git service, allows remote attackers to execute arbitrary code on internet-facing instances. Rapid7 rates the flaw 9.4 on the CVSS scale; no CVE has been assigned yet. Organizations running Gogs should immediately assess exposure given the lack of an available patch.

Read full article → https://www.bleepingcomputer.com/news/security/new…

Relevance score: 82.0/100

# More from May 29

  1. 2
    Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code The Hacker News
  2. 3
    Hackers exploit FortiClient EMS flaw to push infostealer malware BleepingComputer
  3. 4
    Carnival Cruise confirms data breach affecting nearly 6 million people BleepingComputer
  4. 5
    CrowdStrike disrupts Glassworm botnet that preyed on open-source supply chain CyberScoop
  5. 6
    GreyVibe hackers use ChatGPT, Gemini to power cyberattacks BleepingComputer
  6. 7
    Ransomware Actors Show Up In Person to Steal Law Firm Data Dark Reading
  7. 8
    JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware The Hacker News
  8. 9
    Malicious npm Package Stole Files From Claude AI User Directory via GitHub The Hacker News
  9. 10
    Gitea Vulnerability Exposed 30,000 Deployments to Attacks SecurityWeek