Cyber security Gitea Docker auth bypass lets attackers impersonate admins A critical Gitea Docker auth bypass, CVE-2026-20896, lets attackers impersonate any user with one HTTP header. Over 6,200 instances are exposed online. Lars Cornelissen · Jul 11, 2026