logo

Critical Gitea Security Flaws Expose Servers to Takeover

ID: 303d37ef-a867-5306-9712-e458a3af8739

STIX ID: report--303d37ef-a867-5306-9712-e458a3af8739

Feed Name: securityonline.info

Threat Score
75/100

Date Published: 2026-06-25

Date Updated: 2026-06-25

Author: Do Son

...
...

Two critical Gitea vulnerabilities (CVE-2026-20896 and CVE-2026-22874) allow remote attackers to bypass authentication by injecting X-WEBAUTH-USER headers in misconfigured Docker reverse-proxy setups and to perform SSRF that can reach cloud metadata services and internal networks; both affect Gitea <=1.26.2 (CVSS 9.8 and 9.6), public PoC code and technical details are available, and administrators are advised to upgrade to 1.26.3 immediately.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.