{"uuid": "edc88acb-c4b1-4793-8ca2-9c6b63781557", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20896", "type": "seen", "source": "https://thehackernews.com/2026/07/threat-actors-probe-gitea-docker-flaw.html", "content": "Threat actors have been observed attempting to exploit a recently patched critical security flaw in Gitea Docker images, according to Sysdig.\n\nThe vulnerability in question is CVE-2026-20896 (CVSS score: 9.8), a vulnerability that stems from the DevOps platform trusting the \"X-WEBAUTH-USER\" header from any source IP address, effectively allowing an unauthenticated internet client to get elevated", "creation_timestamp": "2026-07-07T01:00:43.011535Z"}