Lucene search
+L

Vulnerabilities fixed in GitLab

🗓️ 09 Jan 2026 11:11:48Reported by NCSCType 
ncsc
 ncsc
🔗 advisories.ncsc.nl👁 8 Views

GitLab fixed DoS, GraphQL abuse, browser code execution, image leak, and stored cross scripting.

Related
Refs
ReporterTitlePublishedViews
Family
bdu_fstec
The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to unlimited resource distribution, allows a hacker to cause a service failure.
15 Jan 202600:00
bdu_fstec
bdu_fstec
The vulnerability of the GraphQL query execution environment of the Git-based software platform for collaborative code development on GitLab allows a perpetrator to compromise the integrity and accessibility of protected information.
15 Jan 202600:00
bdu_fstec
bdu_fstec
The vulnerability of the Git-based software platform for collaborative code development on GitLab EE/CE lies in the lack of measures taken to protect the website structure, allowing attackers to perform cross-site scripting attacks (XSS).
18 Feb 202600:00
bdu_fstec
bdu_fstec
The vulnerability of the software platform based on Git for collaborative code development in GitLab Enterprise Edition (EE) stems from the lack of authentication procedures, which allow unauthorized users to gain unauthorized access to the AI model settings.
20 Feb 202600:00
bdu_fstec
bdu_fstec
The vulnerability of the Git-based software platform for collaborative code development on GitLab EE/CE involves shortcomings in access control to personal information, allowing attackers to disclose protected data.
20 Feb 202600:00
bdu_fstec
bdu_fstec
The vulnerability of the software platform based on Git for collaborative code development in GitLab Enterprise Edition (EE) stems from the lack of authentication procedures, which allow unauthorized users to gain unauthorized access to the AI model settings.
20 Feb 202600:00
bdu_fstec
freebsd
Gitlab -- vulnerabilities
7 Jan 202600:00
freebsd
cgr
CVE-2025-10569 vulnerabilities
28 Jan 202619:17
cgr
cgr
CVE-2025-11246 vulnerabilities
28 Jan 202619:17
cgr
cgr
CVE-2025-3950 vulnerabilities
28 Jan 202619:17
cgr
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

09 Jan 2026 11:11Current
6.5Medium risk
Vulners AI Score6.5
CVSS 3.18.7 - 9.6
EPSS0.0062
SSVC
8