Known exploited
Gogs
CVE published 2026-01-12
CVE-2025-8110
CVE-2025-8110 is a path traversal vulnerability affecting Gogs that was added to CISA’s Known Exploited Vulnerabilities (KEV) catalog on 2026-01-12. Because CISA lists it as known to be exploited, organizations running Gogs should treat this as a high-priority remediation item and follow the vendor and CISA guidance referenced in the KEV entry.