{"vulnerability": "CVE-2026-20896", "sightings": [{"uuid": "62813ac8-aa84-459e-b470-7221608a9c68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20896", "type": "seen", "source": "https://bsky.app/profile/thecybersecguru.com/post/3mp65jcs6sh27", "content": "Three Vulnerabilities, One Platform: Why Your Self-Hosted Gitea/Gogs Instance Is Probably Already\u00a0Owned\n\nThree critical Gitea and Gogs CVEs disclosed in 2026: a CVSS 9.8 auth bypass via X-WEBAUTH-USER header,\u2026\n\nhttps://thecybersecguru.com/news/cve-2026-20896-gitea-authentication-bypass-dom-xss-ssrf/", "creation_timestamp": "2026-06-26T04:52:06.315766Z"}, {"uuid": "fc8bee44-ecb4-4692-a320-a34f4b558312", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20896", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3mpidt76pcsbr", "content": "\u533f\u540d\u306e\u7814\u7a76\u8005\u304c\u30bc\u30ed\u30c7\u30a4\u6570\u4ef6\u3092GitHub\u30ea\u30dd\u30b8\u30c8\u30ea\u3067\u516c\u958b\uff08CVE-2026-55200\u3001CVE-2026-20896\uff09 | Codebook\uff5cSecurity News https://codebook.machinarecord.com/threatreport/silobreaker-cyber-alert/46394/", "creation_timestamp": "2026-06-30T06:11:34.296661Z"}, {"uuid": "672973c2-2cc6-42ad-882c-039e474f5a47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20896", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3mpidta6bgb2n", "content": "\u533f\u540d\u306e\u7814\u7a76\u8005\u304c\u30bc\u30ed\u30c7\u30a4\u6570\u4ef6\u3092GitHub\u30ea\u30dd\u30b8\u30c8\u30ea\u3067\u516c\u958b\uff08CVE-2026-55200\u3001CVE-2026-20896\uff09 | Codebook\uff5cSecurity News https://codebook.machinarecord.com/threatreport/silobreaker-potato-alert/46394/", "creation_timestamp": "2026-06-30T06:11:36.036527Z"}]}