Threat actors are actively exploiting a critical authentication bypass in Gitea’s official Docker images, tracked as CVE-2026-20896 with a CVSS score of 9.8. The flaw allows an attacker to authenticate as any valid user by supplying a single HTTP header, with no password or token required.
How the Vulnerability Works
The issue stems from how Gitea Docker images prior to version 1.26.3 handle reverse-proxy authentication. When this feature is enabled, Gitea is expected to trust only headers set by a designated authenticating proxy. Instead, the default configuration allowed connections from any source IP address rather than enforcing an allowlist. As a result, any process that could reach the Gitea container’s HTTP port directly, bypassing the intended proxy, could supply a known or guessable username in a header and gain full access to that account.
Security researcher Ali Mustafa, credited with discovering the bug, noted that administrator accounts are the obvious targets given their broad privileges. Sysdig Sr. Director of Threat Research Michael Clark confirmed that exploitation requires nothing more than a valid username in a single header.
Exploitation Timeline and Exposure
According to Sysdig’s research, in-the-wild exploitation began 13 days after the advisory was published. The first observed attempt was attributed to a VPN-exit scanner probing publicly accessible instances. Sysdig identified approximately 6,200 Gitea instances reachable from the internet, though the exact number of vulnerable deployments remains unknown.
Impact
Successful exploitation gives an attacker the same repository access as the impersonated user. This includes:
- Read and write access to all repositories, including private ones
- Exposure of secrets accidentally committed by developers, such as API keys, database credentials, and deploy tokens
- Access to CI/CD pipeline configurations and deploy keys
The potential for complete compromise of an organization’s codebase and associated secrets makes this vulnerability particularly severe.
Remediation
The patch, introduced in Gitea versions 1.26.3 and 1.26.4, converts reverse-proxy authentication from an opt-out to an opt-in feature, closing the default-configuration exposure. Organizations running Gitea Docker images are strongly advised to update immediately. Instances that cannot be patched right away should be isolated from direct network access and restricted to traffic arriving only through the intended authenticating proxy.
