CVE-2026-58370 is an authentication bypass vulnerability affecting woodpecker-ci woodpecker versions before 3.15.0. The issue is specific to the GitLab forge driver, where the pipeline.Author is derived from the git commit author name in the webhook payload. Since this commit author name is attacker-controlled and not verified by GitLab, an attacker who can open a merge request from a fork can spoof this field to match an entry in the ApprovalAllowedUsers bypass list. This causes the needsApproval check to return false, allowing the pipeline to run without the required approval. Consequently, attacker-controlled pipeline steps can execute on a Woodpecker agent, risking exfiltration of CI secrets. Other built-in forge drivers are unaffected because they use forge-validated sender identities.

The vulnerability allows an attacker who can open a merge request from a fork in GitLab to bypass the approval requirement for pipeline execution in woodpecker-ci woodpecker. This enables execution of arbitrary pipeline steps controlled by the attacker, potentially leading to unauthorized access and exfiltration of sensitive CI secrets. The impact includes confidentiality, integrity, and availability consequences as indicated by the CVSS vector (C:H/I:H/A:H).

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should consider restricting merge request permissions or disabling the ApprovalAllowedUsers bypass list for GitLab forge driver pipelines. Monitoring for suspicious pipeline executions and limiting exposure of sensitive secrets in CI environments may reduce risk. Verify with the woodpecker-ci project for updates or patches addressing this issue.