{"uuid": "fd9f6e10-6fff-4bd0-8592-08e03c49b19e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20896", "type": "exploited", "source": "https://t.me/cibsecurity/89930", "content": "\ud83d\udd8b\ufe0f Threat Actors Probe Gitea Docker Flaw CVE-2026-20896 13 Days After Disclosure \ud83d\udd8b\ufe0f\n\nThreat actors have been observed attempting to exploit a recently patched critical security flaw in Gitea Docker images, according to Sysdig.  The vulnerability in question is CVE202620896 CVSS score 9.8, a vulnerability that stems from the DevOps platform trusting the \"XWEBAUTHUSER\" header from any source IP address, effectively allowing an unauthenticated internet client to get elevated.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"The Hacker News\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2026-07-15T00:00:22.656836Z"}