securityaffairs.com 7/7/2026, 10:31:22 PM · external

CVE-2026-20896: Gitea Docker flaw lets attackers bypass auth

CVE-2026-20896: Gitea Docker flaw lets attackers bypass auth
Developing story vulnerability 4 articles tracked
Critical Gitea flaws (CVE-2026-20896, CVE-2026-22874) allow remote takeover
CyberSIXT Evidence Panel
Primary Source github.com
CISA KEV Not in KEV
Patch Patch Status Unknown

A critical vulnerability (CVE-2026-20896) has been identified in Gitea's Docker images, allowing attackers to bypass authentication with a single HTTP header, potentially exposing sensitive repositories and data. The flaw affects versions prior to 1.26.3 and has been actively exploited just days after its disclosure. Researchers from Sysdig noted the insecure default settings of Gitea's Docker images, which fail to restrict trusted proxy access, leading to easy impersonation of any user by sending a crafted header. Users are urged to update to versions 1.26.3 or 1.26.4 immediately to mitigate risks.

View Primary Source Via securityaffairs.com

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline