CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5567 matches found

Linux Distros Unpatched Vulnerability : CVE-2026-4868

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab EE affecting all versions from 18.8 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that, under certain...

8.2CVSS5.8AI score0.00012EPSS

Exploits0References2

Tenable Nessus•added 5 days ago•10 views

Linux Distros Unpatched Vulnerability : CVE-2026-9807

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain...

4.3CVSS5.8AI score0.00012EPSS

Exploits0References2

Tenable Nessus•added 5 days ago•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-2601

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab EE affecting all versions from 11.5 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain...

4.3CVSS5.8AI score0.00011EPSS

Exploits0References2

UbuntuCve•added 5 days ago•2 views

CVE-2026-2601

GitLab has remediated an issue in GitLab EE affecting all versions from 11.5 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed an authenticated user with developer-role permissions to access sensitive deployment data on projects due to...

4.3CVSS5.8AI score0.00011EPSS

Exploits0References4

Redos•added 5 days ago•5 views

ROS-20260529-73-0012

The vulnerability of HashiCorp’s Vault Community Edition and Vault Enterprise, platforms for archiving corporate information, lies in the ability to bypass authentication by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to cause service interruptions...

8.1CVSS5.8AI score0.0002EPSS

Exploits0

NVD•added 6 days ago•6 views

CVE-2026-45297

OpenReplay is a self-hosted session replay suite. Prior to 1.26.0, there is a cross-tenant IDOR on feature-flag and assist-stats routes via projectid case mismatch. ProjectAuthorizer.call OSS api/auth/authproject.py:14-38 and EE ee/api/auth/authproject.py:14-46 only runs...

5.3CVSS0.00038EPSS

Exploits0References1

OSV•added 6 days ago•3 views

BIT-GITLAB-2026-5296 Missing Authorization in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 18.7 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that when foundational flows were enabled at the group level, could have allowed an authenticated user with developer-role permissions to bypass flow...

4.3CVSS5.8AI score0.00012EPSS

Exploits0References4

OSV•added 6 days ago•3 views

BIT-GITLAB-2026-4868 Authorization Bypass Through User-Controlled Key in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 18.8 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that, under certain conditions, could have allowed an authenticated user to cause specific Duo AI workflows to run under another user's identity due to imprope...

8.2CVSS5.8AI score0.00012EPSS

Exploits0References4

NCSC•added 6 days ago•11 views

Vulnerabilities are handled in GitLab Community Edition and Enterprise Edition

GitLab has identified several vulnerabilities in the GitLab Community Edition and Enterprise Edition, specifically in versions 12.7 through 18.10.7, 18.11 through 18.11.4, and 19.0 through 19.0.1. These vulnerabilities relate to various aspects of authentication, authorization, and validation...

8.2CVSS5.7AI score0.00064EPSS

Exploits0References1

CNNVD•added 6 days ago•4 views

GitLab 安全漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. Vulnerabilities exist in versions of GitLab CE/EE before 18.10.7,...

4.3CVSS5.9AI score0.00012EPSS

Exploits0References3

NVD•added 2026/05/27 7:16 p.m.•7 views

CVE-2026-6713

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed an unauthorized user to enumerate private projects due to incorrect authorization checks...

5.3CVSS0.00019EPSS

Exploits0References3

NVD•added 2026/05/27 7:16 p.m.•5 views

CVE-2026-5296

4.3CVSS0.00012EPSS

Exploits0References3

OSV•added 2026/05/27 7:16 p.m.•2 views

UBUNTU-CVE-2026-6713

5.3CVSS5.8AI score0.00019EPSS

Exploits0References5

OSV•added 2026/05/27 7:16 p.m.•2 views

UBUNTU-CVE-2026-5296

4.3CVSS5.8AI score0.00012EPSS

Exploits0References5

OSV•added 2026/05/27 7:16 p.m.•4 views

UBUNTU-CVE-2026-1402

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed an authenticated user to cause denial of service due to insufficient validation...

6.5CVSS5.8AI score0.00064EPSS

Exploits0References5

OSV•added 2026/05/27 7:16 p.m.•3 views

UBUNTU-CVE-2026-2601

4.3CVSS5.8AI score0.00011EPSS

Exploits0References5