Attackers are actively compromising self-hosted Gitea instances right now by exploiting a critical authentication bypass in the official Gitea Docker image. The flaw lets unauthenticated attackers imp
If you run Gitea via Docker, stop reading after the next sentence and go check your version: threat actors are actively probing for [CVE-2026-20896](https://thehackernews.com/2026/07/threat-actors-pro
A newly disclosed vulnerability in Gitea — the popular self-hosted Git and container registry platform — allows any unauthenticated remote attacker to pull private container images from an exposed Git