Severity:
CRITICAL RISK
(9.1)
OAuth2 PKCE S256 Bypass (CWE-284) in Gitea Auth Flow
CVE-2026-26247
Published:
Status:
Deferred
Summary
Affected Context
Exploit Preconditions
Why This Happens
Potential Impact
General Mitigation Guidance
How Teams Detect Issues Like This
Frequently Asked Questions
Source
NDV








