External risk intelligence

Woodpecker Approval Bypass via Spoofed Commit Author Name.

CVE advisorySeverity: CRITICAL (CVSS 9.2)

CVE-2026-58370

Woodpecker is a CI/CD server that is commonly deployed to be accessible to developers and integrated with external forge services like GitLab via webhooks, which typically requires network exposure to receive payload data from those services.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

External exposure likelihood

Horizon Alert

Summary of the vulnerability and why it matters

This vulnerability affects Woodpecker CI systems, specifically when using the GitLab forge driver. It allows an attacker to bypass required pipeline approvals by manipulating commit author information, potentially leading to the execution of unauthorized code and exfiltration of sensitive data. The primary concern is to confirm if your environment utilizes the GitLab forge driver within Woodpecker.

  • Unapproved pipelines can run via spoofed commit authors.
  • Bypasses security checks for code execution and data access.
  • Confirm GitLab forge driver usage in Woodpecker.

Attack Path

How an attacker could exploit the issue

An attacker could exploit this vulnerability by forking a repository and controlling the commit author name within the webhook payload. This allows them to bypass security checks designed to prevent unapproved pipelines from running, potentially leading to the execution of malicious code on a Woodpecker agent and the exposure of sensitive information.

  • Attacker forks repository to control payload.
  • Submits merge request with crafted commit author.
  • Leads to unauthorized pipeline execution and secret exfiltration.

Live Threat

Current exploitation, exposure, and threat context

This vulnerability could allow an attacker to bypass required approvals for pipelines running on Woodpecker agents. When a merge request originates from a fork in GitLab, an attacker can control the commit author name in the webhook payload. If this forged name matches an entry in Woodpecker's `ApprovalAllowedUsers` list, the pipeline will run without the necessary approval, potentially executing attacker-controlled steps and exfiltrating CI secrets. This bypass specifically affects the GitLab forge driver; other drivers are not impacted because they derive the author identity from forge-validated sources.

  • Compromise of CI/CD pipelines and secrets.
  • Attacker forges commit author name in webhook.
  • Unauthorized pipeline execution and secret exfiltration.

Operational Fix

Recommended remediation, mitigation, and detection steps

The Woodpecker CI/CD system's GitLab integration is susceptible to a bypass of approval checks due to a spoofable commit author name in webhook payloads. Teams responsible for CI/CD infrastructure, application security, and potentially platform engineering should lead the remediation efforts. The initial step involves identifying all instances of Woodpecker using the GitLab forge driver, assessing their exposure, and confirming the business criticality of affected pipelines before planning remediation.

  • Own the issue: CI/CD and Platform teams.
  • Verify first: Woodpecker GitLab integration exposure.
  • Action: Plan risk-based remediation.

Supplementary metadata

Validate whether this threat affects your internet-facing exposure.

Halo Threat Intelligence helps prioritize remediation with Halo Surface Signal and H/A/L/O context. Start exposure validation with a free external attack surface trial.

Frequently asked questions

What is Woodpecker CI/CD?

Woodpecker is an open-source automation tool that automates software testing, building, and deployment processes. It functions as a CI/CD server that integrates with various code hosting platforms, known as forge drivers, to monitor repositories and run defined pipelines when code changes occur.

How does CVE-2026-58370 work as an authentication bypass?

This vulnerability falls under CWE-290, which involves authentication bypass by spoofing. The flaw occurs because Woodpecker incorrectly trusts the unverified commit author name sent by GitLab in a webhook payload. By crafting a specific author name, an attacker mimics a trusted user, tricking the system into bypassing security approval requirements for pipeline execution.

When does this vulnerability trigger?

The issue triggers when a malicious user creates a merge request from a forked repository using the GitLab driver. It does not trigger for Gitea, Forgejo, GitHub, or Bitbucket users because those platforms provide Woodpecker with validated identity information. If your setup does not use the GitLab forge driver, your pipelines remain protected by their existing approval configurations.

Is my Woodpecker instance relevant to this threat?

Halo Surface Signal indicates that Woodpecker instances are frequently deployed with network accessibility to receive webhooks from forge services like GitLab. If your server is reachable to receive these external signals, you are exposed. The primary risk is unauthorized code execution on your agents, which could lead to the exposure of sensitive CI/CD secrets.

How should I respond to CVE-2026-58370?

Your first step is to audit your Woodpecker configuration to determine if it is integrated with GitLab. If the GitLab forge driver is active, prioritize upgrading to version 3.15.0 or newer, which addresses the flaw. Meanwhile, assess which pipelines handle sensitive secrets to understand your immediate risk surface and inform your team's patching schedule.

References