A vulnerability, which was classified as critical , was found in Gogs up to 0.14.2 . Affected by this vulnerability is an unknown functionality. Executing a manipulation can lead to server-side request forgery. This vulnerability appears as CVE-2026-52805 . The attack may be performed from remote. There is no available exploit. You should upgrade the affected component.