diff --git a/cves/CVE-2020-26214.yaml b/cves/CVE-2020-26214.yaml
new file mode 100644
index 0000000000..a27aa2fe82
--- /dev/null
+++ b/cves/CVE-2020-26214.yaml
@@ -0,0 +1,34 @@
+id: cve-2020-26214
+info:
+
+ name: Alerta Authentication Bypass (CVE-2020-26214)
+ author: CasperGN
+ severity: critical
+ description: Alerta prior to version 8.1.0 is prone to Authentication Bypass when using LDAP as authorization provider and the LDAP server accepts Unauthenticated Bind reqests.
+
+ # Reference: https://github.com/advisories/GHSA-5hmm-x8q8-w5jh
+ # Reference: https://tools.ietf.org/html/rfc4513#section-5.1.2
+
+requests:
+ - method: GET
+ path:
+ - '{{BaseURL}}/api/config'
+
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+ - type: regex
+ regex:
+ - 'name":"Alerta ([0-7]\.[0-9]\.[0-9]|8\.0.[0-9])"'
+ - 'name": "Alerta ([0-7]\.[0-9]\.[0-9]|8\.0.[0-9])"'
+ condition: or
+ extractors:
+ - type: regex
+ part: body
+ name: alerta-version
+ group: 1
+ regex:
+ - 'name":"Alerta ([0-7]\.[0-9]\.[0-9]|8\.0.[0-9])"'
+ - 'name": "Alerta ([0-7]\.[0-9]\.[0-9]|8\.0.[0-9])"'
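Review bot: The version regexes under `matchers` and `extractors` are both too loose and too narrow: in `8\.0.[0-9]` the second dot is unescaped and matches any character, and because each component is a single `[0-9]` followed by the closing quote, a banner with a two-digit minor or patch component is not matched at all. The two spacing variants in each block can collapse into one pattern, `- 'name":\s*"Alerta ([0-7]\.[0-9]+\.[0-9]+|8\.0\.[0-9]+)"'`, used in both places. Separately, the template reports `severity: critical` on a 200 response plus a version banner alone, while its own description says the bypass requires LDAP as the provider and a server that accepts unauthenticated bind. If the `/api/config` response shows the configured auth provider (not visible in this hunk), an additional matcher on it would cut false positives; otherwise the description should state that this is a version check only and the finding needs manual confirmation.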