A vulnerability described as critical has been identified in Gogs up to 0.14.2 . This affects an unknown function. Executing a manipulation can lead to authentication bypass by spoofing. This vulnerability is handled as CVE-2026-25119 . The attack can be executed remotely. There is not any exploit available. Upgrading the affected component is recommended.