Threat actors have been observed attempting to exploit a
recently patched critical security flaw in Gitea Docker images,
according to Sysdig. The vulnerability in question is
CVE-2026-20896 (CVSS score: 9.8), a vulnerability that stems from
the DevOps platform trusting the "X-WEBAUTH-USER" header from any
source IP address, effectively allowing an unauthenticated internet
client to get elevated
Read more https://thehackernews.com/2026/07/threat-actors-probe-gitea-docker-flaw.html

