ASR AI Security Radar
Methodology Recent Incidents Get Notified

Back to incidents

AI security incident: Unauthenticated File Upload in Gogs (GHSA-fc3h-92p8-h36f)

Incident date: February 17, 2026 | Published: February 25, 2026 | Source: GitHub Security Advisory | Classification confidence: 99%

This incident is part of the public archive and includes explicit AI-related signals from the cited source material. Review methodology.

Security Advisory:Unauthenticated File Upload in Gogs Vulnerability Type: Unauthenticated File Upload Date: Aug 5, 2025 Discoverer: OpenAI Security Research ## Summary Gogs exposes unauthenticated file upload endpoints by default. When the global RequireSigninView setting is disabled (default), any remote user can upload arbitrary files to the server via /releases/attachments and /issues/attachments. This enables the instance to be abused as a public file host, potentially leading to disk exhaustion, content hosting, or delivery of malware. CSRF tokens do not mitigate this attack due to same-origin cookie issuance. ## Affected Versions - Software: [Gogs](https://github.

Why This Is AI-Related

This page is treated as AI-specific because the source material references openai, which places the issue inside an AI workflow, model, assistant, or supporting dependency rather than a generic software bulletin.

  • openai

Affected Workflow

Review the AI product, dependency, and integration points mentioned in the source advisory before broadening remediation.

Likely Attack Path

The advisory indicates a security path that can affect AI applications, assistants, models, or connected automation workflows if the component is deployed.

Impact

The flaw can expose internal data, local files, or connected systems through AI workflow connectors and supporting services. Severity HIGH. Classification confidence 99%. Source channel GHSA.

Detection And Triage Signals

  • New security events tied to the affected component or advisory identifier
  • Changes in AI workflow behavior, access logs, or plugin execution after the advisory window
  • Evidence that the vulnerable version is active in environments that process sensitive data

Recommended Response

  • Confirm whether the affected component can reach internal metadata, local files, or connected data stores.
  • Restrict outbound requests and sensitive data access paths until a patch or mitigation is in place.
  • Inspect logs for unusual downloads, webhook calls, retrieval requests, or responses containing internal content.

Compliance And Business Impact

Even when exploit details are still emerging, delayed triage can widen operational and compliance exposure around AI systems.

Sources

Want alerts like this in real time?

Get notified with incident context, likely impact, and response guidance.

Get Notified

More incidents