CVE-2026-58370 | woodpecker-ci woodpecker up to 3.14.x GitLab Forge Driver commit.author.name authentication spoofing

SecurityVulns

A vulnerability, which was classified as critical, has been found in woodpecker-ci woodpecker up to 3.14.x. This affects an unknown part of the component GitLab Forge Driver. This manipulation of the argument commit.author.name causes authentication bypass by spoofing.

This vulnerability appears as CVE-2026-58370. The attack may be initiated remotely. There is no available exploit.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More