CVE-2026-58426
CRITICAL
NVD
CVSS Score
9.6
Severity
CRITICAL
Published
Jul 03, 2026
Vendor
unknown
Description
Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read and cross-task upload-state write
Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read and cross-task upload-state write