Security Advisory
CVE-2026-0798
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Gitea may send release notification emails for private repositories to users whose access has been revoked. When a repository is changed from public to private, users who previously watched the repository may continue to receive release notifications, potentially disclosing release titles, tags, and content.