CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2 days ago•19 views

CVE-2026-12053

GitLab EE prior to 19.1.1 (i.e., 19.1.0) was affected by an information-disclosure issue caused by insufficient output filtering in Duo Workflows, potentially allowing a user to access sensitive data already committed to a project. The issue has been remediated by patching to 19.1.1. Impact: high...

8.6CVSS5.8AI score0.00328EPSS

Exploits0References3Affected Software1

EUVD•added 2 days ago•4 views

EUVD-2026-39169

8.6CVSS5.8AI score0.00328EPSS

Cvelist•added 2 days ago•30 views

CVE-2026-12053 Insertion of Sensitive Information into Log File in GitLab

8.6CVSS0.00328EPSS

Positive Technologies•added 2 days ago•8 views

PT-2026-52198

8.6CVSS5.8AI score0.00328EPSS

Exploits0References6

Tenable Nessus•added 2 days ago•5 views

GitLab 19.1 < 19.1.1 (CVE-2026-12053)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab EE affecting all versions from 19.1 before 19.1.1 that under certain conditions could have allowed a user to access sensitive information that had already been...

8.6CVSS5.9AI score0.00328EPSS

Exploits0References5

NVD•added 2026/06/19 10:16 a.m.•10 views

CVE-2026-11576

The security fix for CVE-2025-0728 in eclipse-threadx NetX Duo refactors error handling in the HTTP server PUT process to use a shared cleanup label, but this unified cleanup path unconditionally calls fxfileclose even when the file was never successfully opened. Multiple error branches jump to t...

7.5CVSS0.00263EPSS

CVE•added 2026/06/19 8:27 a.m.•19 views

CVE-2026-11576

The CVE-2026-11576 entry concerns eclipse-threadx NetX Duo. The issue arises from a refactor of error handling in the HTTP server PUT path, where a unified cleanup path unconditionally calls fx_file_close() even if no file was successfully opened. Multiple error branches jump to the shared cleanu...

7.5CVSS5.8AI score0.00263EPSS

Cvelist•added 2026/06/19 8:27 a.m.•26 views

CVE-2026-11576

7.5CVSS0.00263EPSS

ATTACKERKB•added 2026/06/19 8:27 a.m.•6 views

CVE-2026-11576

7.5CVSS5.8AI score0.00263EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2026/06/19 8:27 a.m.•4 views

CVE-2026-11576

7.5CVSS5.8AI score0.00681EPSS

RedhatCVE•added 2026/06/05 7:14 p.m.•6 views

CVE-2026-4868

GitLab has remediated an issue in GitLab EE affecting all versions from 18.8 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that, under certain conditions, could have allowed an authenticated user to cause specific Duo AI workflows to run under another user's identity due to imprope...

8.2CVSS5.5AI score0.00341EPSS

Tenable Nessus•added 2026/05/30 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-4868

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab EE affecting all versions from 18.8 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that, under certain...

OSV•added 2026/05/28 9:12 a.m.•9 views

Exploits0References2

BIT-GITLAB-2026-4868 Authorization Bypass Through User-Controlled Key in GitLab

NVD•added 2026/05/27 7:16 p.m.•13 views

Exploits0References4

CVE-2026-4868

8.2CVSS0.00341EPSS

OSV•added 2026/05/27 7:16 p.m.•4 views

UBUNTU-CVE-2026-4868

Vulnrichment•added 2026/05/27 5:55 p.m.•12 views

Exploits0References5

CVE-2026-4868 Authorization Bypass Through User-Controlled Key in GitLab

Cvelist•added 2026/05/27 5:55 p.m.•34 views

CVE-2026-4868 Authorization Bypass Through User-Controlled Key in GitLab

8.2CVSS0.00341EPSS

CVE•added 2026/05/27 5:55 p.m.•48 views

CVE-2026-4868

GitLab has remediated an issue in GitLab EE affecting all versions from 18.8 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1. Under certain conditions, an authenticated user could have caused specific Duo AI workflows to run under another user’s identity due to improper user identity...

Exploits0References3Affected Software1

EUVD•added 2026/05/27 5:55 p.m.•17 views

EUVD-2026-32620