zeroday.news · 1d ago·critical
Critical Gitea Flaw Under Active Exploitation, Researchers Warn
A critical vulnerability in Gitea, tracked as CVE-2026-20896, is being actively exploited. The flaw lets attackers bypass authentication with a single HTTP header to access repositories and secrets.