🚨 Three Gitea/Gogs vulnerabilities just dropped — and one is a CVSS 9.8 authentication bypass.

If you self-host Gitea or Gogs, this is not a “patch later” situation:

⚠️ CVE-2026-20896 — Gitea Docker auth bypass
Anyone can impersonate any user with one HTTP header: `X-WEBAUTH-USER: admin`

⚠️ CVE-2026-52807 — Stored DOM XSS
A malicious milestone name can survive escaping and execute through Semantic UI.

⚠️ CVE-2026-22874 — Webhook SSRF
Gitea webhooks can become a path to AWS IMDS, cloud credentials, S3, Secrets Manager, ECR, and full cloud privilege abuse.

Self-hosted Git platforms hold source code, CI/CD secrets, deploy keys, webhooks, tokens, and internal infrastructure access.

Your code. Your secrets. Their access.

Upgrade now:
Gitea 1.26.3+
Gogs 0.14.3+

Full technical breakdown 👇
https://thecybersecguru.com/news/cve-2026-20896-gitea-authentication-bypass-dom-xss-ssrf/

#Gitea #Gogs #CyberSecurity #InfoSec #AppSec #DevSecOps #CVE #SSRF #XSS #Docker #CloudSecurity #AWS #IAM #AuthenticationBypass #Vulnerability #SelfHosted #Security

Fortinet Sandbox Flaws Under Active Exploitation

Critical Fortinet Sandbox vulnerabilities are under active attack, with hackers exploiting flaws like CVE-2026-39813, a severe path traversal bug that allows authentication bypass. Fortinet patched these bugs in April, but users must upgrade ASAP to avoid being compromised.

https://osintsights.com/fortinet-sandbox-flaws-under-active-exploitation?utm_source=mastodon&utm_medium=social

#Fortinet #Fortisandbox #Cve202639813 #PathTraversal #AuthenticationBypass

Fortinet Sandbox flaws are under active exploitation; learn how to protect yourself now and upgrade to secure your system from critical vulnerabilities today.

phpBB Flaw Enables Instant Account Takeover

A single HTTP request can give an attacker instant access to any user's account, including administrator accounts, without needing a password - a vulnerability rated 9.4 on the CVSS scale that's affecting phpBB versions up to 3.3.16 and 4.0.0 alpha.

https://osintsights.com/phpbb-flaw-enables-instant-account-takeover?utm_source=mastodon&utm_medium=social

#AuthenticationBypass #Phpbb #Ptt2026004 #Cve2026xxxx #SessionHijacking

Learn how the phpBB flaw PTT-2026-004 enables instant account takeover, and protect your forum from this authentication bypass vulnerability now.

Check Point Discloses Zero-Day Flaw Exploited by Ransomware Groups

Check Point has uncovered a zero-day flaw, CVE-2026-50751, that allowed ransomware groups to exploit a critical authentication bypass in Remote Access and Mobile Access deployments, prompting an emergency fix. The vulnerability enabled attackers to establish a remote access VPN connection without proper authentication.

https://osintsights.com/check-point-discloses-zero-day-flaw-exploited-by-ransomware-groups?utm_source=mastodon&utm_medium=social

#ZeroDay #Ransomware #Cve202650751 #AuthenticationBypass #RemoteAccess

Learn about CVE-2026-50751, a critical authentication bypass flaw exploited by ransomware groups, and take immediate action to secure your Remote Access and Mobile Access deployments now.

Check Point Exposes VPN Zero-Day Link to Qilin Ransomware Gang

A critical VPN vulnerability, CVE-2026-50751, has been exploited in attacks linked to the notorious Qilin ransomware gang, affecting a handful of organizations worldwide. Check Point has released security updates to patch this authentication bypass flaw in its legacy Remote Access and Mobile Access deployments.

https://osintsights.com/check-point-exposes-vpn-zero-day-link-to-qilin-ransomware-gang?utm_source=mastodon&utm_medium=social

#VpnZeroday #QilinRansomware #Cve202650751 #AuthenticationBypass #Ikev1

Learn about the VPN zero-day exploit linked to the Qilin ransomware gang. Discover how to protect against the CVE-2026-50751 authentication bypass vulnerability now.

Palo Alto Networks Warns of Active PAN-OS Vulnerability Exploitation

Palo Alto Networks has sounded the alarm on a critical PAN-OS vulnerability, CVE-2026-0257, that's being actively exploited by threat actors to bypass authentication and gain unauthorized access to VPN connections. This security gap could allow attackers to circumvent controls and initiate their own VPN sessions, putting your…

https://osintsights.com/palo-alto-networks-warns-of-active-pan-os-vulnerability-exploitation?utm_source=mastodon&utm_medium=social

#Panos #Cve20260257 #Globalprotect #AuthenticationBypass #VpnExploitation

Learn about active PAN-OS vulnerability exploitation and protect your network now with expert insights on CVE-2026-0257 and GlobalProtect security risks.

Dashlane Exposes Brute-Force Attack on User Accounts

Dashlane recently alerted a small group of users, fewer than 20, that an external threat actor had launched a brute-force attack on their accounts, attempting to bypass two-factor authentication and gain unauthorized access. The company quickly sprang into action, notifying affected users and taking steps to protect their…

https://osintsights.com/dashlane-exposes-brute-force-attack-on-user-accounts?utm_source=mastodon&utm_medium=social

#BruteforceAttack #2faBypass #EmergingThreats #PasswordManagement #AuthenticationBypass

Learn how Dashlane stopped a brute-force attack on user accounts, protecting customer data. Discover the details of the attack and how to secure your own accounts now.

Cyberattacks Accelerate as AI Lowers Bar for Threat Actors

Defaults and automation are handing attackers cheap, fast entry points, making it alarmingly easy for them to wreak havoc - just like in the case of Gogs, where open registration and unlimited repository creation allow unauthenticated attackers to create an account and repository with ease. This vulnerability is being exploited, along…

https://osintsights.com/cyberattacks-accelerate-as-ai-lowers-bar-for-threat-actors?utm_source=mastodon&utm_medium=social

#AuthenticationBypass #Cve20260257 #EmergingThreats #Globalprotect #Panos

Learn how AI-powered cyberattacks are accelerating and how to protect yourself from threats like the PAN-OS GlobalProtect authentication bypass CVE-2026-0257; take action now to secure your systems.

Palo Alto VPN Bug Sees Active Exploitation

Security experts at Rapid7 have confirmed that hackers are actively exploiting a critical authentication bypass flaw in Palo Alto Networks' VPN, putting PAN-OS users at risk of targeted attacks. This urgent development means users must patch their systems ASAP to prevent exploitation.

https://osintsights.com/palo-alto-vpn-bug-sees-active-exploitation?utm_source=mastodon&utm_medium=social

#PaloAlto #Vpn #AuthenticationBypass #Panos #Rapid7

The Palo Alto VPN bug is under active exploitation; learn how to protect your network now with emergency patching for PAN-OS users and prevent authentication bypass attacks today.

Dashlane Disrupts Service Amid Brute-Force Attacks

Dashlane recently took swift action to protect its users, suspending customer accounts in response to a surge of brute-force attacks that triggered the company's automatic defenses, putting engineers' weekends on hold. This decisive move showcases the password manager's commitment to safeguarding user security.

https://osintsights.com/dashlane-disrupts-service-amid-brute-force-attacks?utm_source=mastodon&utm_medium=social

#BruteForceAttacks #PasswordManagement #EmergingThreats #ServiceDisruption #AuthenticationBypass

Learn how Dashlane's automatic protections kicked in against brute-force attacks, suspending customer accounts; discover the details now and stay secure online today.
