Gitea: OAuth2 access token scope enforcement bypass via HTTP Basic authentication in code.gitea.io/gitea
{ "review_status": "UNREVIEWED", "url": "https://pkg.go.dev/vuln/GO-2026-5299" }
"https://vuln.go.dev/ID/GO-2026-5299.json"