CVE-2026-20896 lets reachable Gitea Docker containers trust spoofed X-WEBAUTH-USER headers when reverse proxy auth is enabled ...
A Gitea Docker vulnerability disclosed last month is now drawing real attacker interest, and it is easy to see why. CVE-2026-20896, rated 9.8 out of 10 on the CVSS scale, let anyone who could reach a ...
CVE-2026-20896, a bypass authentication flaw in a popular self-hosted DevOps platform, was patched on June 21, but attacks ...