@securityrss.bsky.social on Bluesky

JavaScript RequiredThis is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is. Learn more about Bluesky at bsky.social and atproto.com.

Post

securityrss.ai

securityrss.bsky.social

did:plc:geidqukzen75knciqkq77vgq

A zero-day vulnerability (CVE-2025-8110) in Gogs, a self-hosted Git service, allows authenticated users to exploit symlink bypass to overwrite files outside repositories, leading to Remote Code Execution (RCE). Over 700 instances are compromised, with active exploitation ongoing since July 10, 2025. https://www.wiz.io/blog/wiz-research-gogs-cve-2025-8110-rce-exploit

2025-12-11T15:34:08.230Z