Critical Gitea Security Flaws Expose Servers to Takeover
ID: 303d37ef-a867-5306-9712-e458a3af8739
STIX ID: report--303d37ef-a867-5306-9712-e458a3af8739
Feed Name: securityonline.info
Threat Score
Two critical Gitea vulnerabilities (CVE-2026-20896 and CVE-2026-22874) allow remote attackers to bypass authentication by injecting X-WEBAUTH-USER headers in misconfigured Docker reverse-proxy setups and to perform SSRF that can reach cloud metadata services and internal networks; both affect Gitea <=1.26.2 (CVSS 9.8 and 9.6), public PoC code and technical details are available, and administrators are advised to upgrade to 1.26.3 immediately.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
