Vulnerabilities3 min read
Gitea Auth Bypass CVE-2026-20896 Exploited 13 Days After Patch
Critical Gitea Docker vulnerability allows full admin access via single X-WEBAUTH-USER header injection. 6,200 exposed instances at risk as attackers begin active scanning.
Marcus ChenJul 9, 2026