Gitea Docker CVE-2026-20896 Auth Bypass

Gitea Docker CVE-2026-20896

Gitea Docker CVE-2026-20896 is now under active exploitation: a single crafted HTTP header lets an unauthenticated attacker impersonate any user of a self-hosted Gitea instance — including an administrator — and walk away with private repositories and any secrets committed by mistake. What Happened Gitea’s official Docker image ships with REVERSE_PROXY_TRUSTED_PROXIES=*. On deployments that also…

Read More