A vulnerability labeled as critical has been found in Gogs . Impacted is an unknown function of the component Webhook Handler . Such manipulation leads to server-side request forgery. This vulnerability is uniquely identified as CVE-2026-47267 . The attack can be launched remotely. No exploit exists. The affected component should be upgraded.