All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2026-58426
CRITICALpublished 2026-07-03 21:17 UTC · 18 hours ago
9.6
CVSS / 10
// description
Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read and cross-task upload-state write
// weaknesses (CWE)
- CWE-347