https://hackingpassion.com/tags/gitea/Recent content in Gitea on HackingPassion.com : root@HackingPassion.com-[~]HugoenSun, 28 Jun 2026 15:28:45 +0200https://hackingpassion.com/gitea-act-runner-container-escape/Sun, 28 Jun 2026 15:28:45 +0200https://hackingpassion.com/gitea-act-runner-container-escape/<p>A Docker container on a Gitea build runner can break out to root on the host, the setting built to stop that does nothing, and there is no patch yet. <strong>CVSS 9.9.</strong> A working proof of concept went public the same day the flaw was disclosed. The attacker only needs permission to run a workflow on a Docker-backed runner. The setting that fails here is <code>privileged: false</code>. It switches off one flag and leaves the rest of the dangerous options live. This is <strong>CVE-2026-58053</strong>.</p>