CVE-2026-52797: Gogs: Overwriting critical files results in a denial of service

Vulnerability type: Path Traversal Impact: DoS Exploitation prerequisite: authorized user Description: As an authorized user, an intruder can dictate the value which is passed to the git diff command which, together with bypassing the filtering of the passed value, allows the user to bypass the target directory and write the result of the comparison to any arbitrary path. Researcher: Artyom Kulakov (Positive Technologies) Mitigation:

1. https://github.com/gogs/gogs/blob/b7372b1f32cd0bb40984debfb049e3fc04efaee4/internal/route/repo/editor.go#L307 — on this line, instead of the treePath variable, which comes directly from the user unchanged, we should first filter and then pass the entry variable.
2. To filter the treePath variable, it is better to use the preexisting pathutil.Clean function instead of path.Clean from the standard Go library.