CVE-2025-8110:
Gogs vulnerability analysis and mitigation

Improper Symbolic link handling in the PutContents API in Gogs allows Local Execution of Code.

Source: NVD

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2024-56731	CRITICAL	9.8	Gogs	gogs.io/gogs	No	Yes	Jun 24, 2025
CVE-2024-44625	HIGH	8.8	Gogs	gogs	No	Yes	Nov 15, 2024
CVE-2025-8110	HIGH	8.7	Gogs	gogs.io/gogs	No	No	Dec 10, 2025
CVE-2024-55947	HIGH	8.7	Gogs	gogs	No	Yes	Dec 23, 2024
CVE-2024-54148	HIGH	8.7	Gogs	gogs.io/gogs	No	Yes	Dec 23, 2024

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

A community-led vulnerabilities database

A threat intelligence database

A tenant isolation framework

Get a personalized demo

"Best User Experience I have ever seen, provides full visibility to cloud workloads."

David EstlickCISO

"Wiz provides a single pane of glass to see what is going on in our cloud environments."

Adam FletcherChief Security Officer

"We know that if Wiz identifies something as critical, it actually is."

Greg PoniatowskiHead of Threat and Vulnerability Management