Unpatched Gogs Zero-Day Exploited Across 700+ Instances Amid Active Attacks

The Hacker News
Actively Exploited

Overview

A serious security vulnerability in Gogs, a self-hosted Git service, is currently being exploited, affecting over 700 instances worldwide. This flaw, identified as CVE-2025-8110, has a CVSS score of 8.7 and allows attackers to overwrite files via the file update API. The lack of a patch means that many users are at risk, and researchers from Wiz have highlighted the urgency of addressing this issue. Companies using Gogs should take immediate action to secure their installations and monitor for any signs of compromise. The situation underscores the need for timely updates and vigilance in managing self-hosted services.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: Gogs (self-hosted Git service), CVE-2025-8110
  • Action Required: A fix for the vulnerability is reportedly in development.
  • Timeline: Newly disclosed

Original Article Summary

A high-severity unpatched security vulnerability in Gogs has come under active exploitation, with more than 700 compromised instances accessible over the internet, according to new findings from Wiz. The flaw, tracked as CVE-2025-8110 (CVSS score: 8.7), is a case of file overwrite in the file update API of the Go-based self-hosted Git service. A fix for the issue is said to be currently in the

Impact

Gogs (self-hosted Git service), CVE-2025-8110

Exploitation Status

This vulnerability is confirmed to be actively exploited in real-world attacks. Because no patch is available yet, organizations should implement workarounds immediately and apply the fix as soon as it is released.

Timeline

Newly disclosed

Remediation

A fix for the vulnerability is reportedly in development. Users should monitor for updates and apply patches as soon as they become available. In the meantime, users are advised to review their configurations and limit access to the Gogs instances to mitigate potential exploitation.


Related Coverage

ROCA: Infineon TPM and Secure Element RSA Vulnerability Guidance

NCSC Feed

The ROCA vulnerability affects certain Infineon Trusted Platform Modules (TPMs) and Secure Elements, which are used in various devices for secure cryptographic functions. This flaw allows attackers to potentially recover private RSA keys, compromising the security of encrypted communications and data for users. Devices that utilize these components could be at risk, making it crucial for manufacturers and users to assess their systems. The vulnerability is significant because it could expose sensitive information and undermine trust in security protocols. Users and organizations that rely on affected devices need to take immediate action to secure their systems and protect their data.

Feb 28, 3025

Cyber Assessment Framework 3.2

NCSC Feed

The latest version of the Cyber Assessment Framework (CAF) has been released, aiming to address the rising threats to critical national infrastructure. This update emphasizes the need for organizations to reassess their cybersecurity strategies in light of evolving risks. The framework aims to provide guidance on how to enhance resilience against potential cyberattacks that could impact essential services and systems. It is particularly relevant for government agencies, utility providers, and other sectors that rely on critical infrastructure. By adopting the updated CAF, organizations can better prepare for and mitigate the risks posed by increasingly sophisticated cyber threats.

Jan 22, 2277

Apple fixes two zero-day flaws exploited in 'sophisticated' attacks

BleepingComputer

Apple has released emergency updates to address two zero-day vulnerabilities that were actively exploited in highly sophisticated attacks targeting specific individuals. These flaws could allow attackers to gain unauthorized access to devices, putting sensitive information at risk. Users of affected devices are urged to update their systems immediately to protect against potential exploitation. The vulnerabilities were significant enough to prompt Apple to act quickly, indicating the serious nature of these threats. This situation emphasizes the ongoing risk that zero-day vulnerabilities pose, particularly for individuals in sensitive positions.

Dec 12, 2025

Coupang data breach traced to ex-employee who retained system access

BleepingComputer

Coupang, a major South Korean e-commerce platform, recently suffered a significant data breach that compromised the personal information of approximately 33.7 million customers. Investigations revealed that the breach was the result of a former employee who had retained access to the company's internal systems after leaving. This situation raises serious concerns about how companies manage access permissions for departing employees. The exposed data could include sensitive customer information, potentially leading to identity theft or fraud. This incident serves as a reminder for businesses to regularly review and update their access control policies to safeguard against similar breaches in the future.

Dec 12, 2025

Weaponized AI risk is 'high,' warns OpenAI - here's the plan to stop it

Latest news

OpenAI has raised concerns about the potential risks posed by weaponized artificial intelligence, emphasizing that the capabilities of AI models could either support or undermine cybersecurity efforts. The organization is working to evaluate when these models are powerful enough to be exploited by cybercriminals. In response to these risks, OpenAI is implementing measures to protect its own AI systems from being abused. This proactive stance is crucial as the landscape of cyber threats evolves, and the misuse of AI could lead to significant security challenges for individuals and organizations alike. Understanding these risks is important for developing effective defenses against potential AI-driven attacks.

Dec 12, 2025

Fieldtex Data Breach Impacts 238,000

SecurityWeek

Fieldtex Products recently experienced a significant data breach attributed to the Akira ransomware group, which claims to have stolen approximately 14 gigabytes of data. This incident has affected around 238,000 individuals, raising concerns about the security of personal information. The breach underscores the ongoing threat posed by ransomware attacks, which can have far-reaching implications for both companies and their customers. Users may face risks related to identity theft and privacy violations as a result of this data leak. Companies in similar sectors should take this incident as a warning to bolster their cybersecurity measures to prevent similar breaches in the future.

Dec 12, 2025