CVE-2026-20896

⚠️⚠️ CVE-2026-20896 (CVSS 9.8): Gitea Docker images default REVERSE PROXY TRUSTED PROXIES=* — with reverse-proxy auth on, any IP can impersonate any user via X-WEBAUTH-USER. 🔗FOFA Link: https://t.co/w2rhVF9HFa 🎯244.5K+ Results are found on https://t.co/HSOBZfCA2r in the past year. FOFA Query: app="Gitea" 🔖Refer: https://t.co/64ZP4hKcuj #OSINT #FOFA #CyberSecurity #Vulnerability